The World Cup is around the corner and everyone is either starting to prepare with scheduling their upcoming travel to Russia or simply planning when they will stream the games they care most about online. When it comes to travelling to Russia for the World Cup, it is critically important to know how cyber criminals target their victims, what travelers can do to reduce the risk, and ways to make it more challenging for attackers to steal their important company or personal information, identity or money.
Here are five best practices to stay safe online while traveling to and attending the World Cup.
1. Don’t lose your data, stay protected and relax.
While on vacation or at the World Cup, it is a common place for things to get lost, misplaced or stolen. It can happen in an instance by simply forgetting your laptop on the bus or the taxi, or by being distracted chasing after your children – all while someone else walking away with your tablet or laptop. Whether it’s your personal or company laptop this can lead to major security risks, compromising your data. Realistically, this is the last thing you want ruining your trip.
Tip: Backup, update and encrypt. Before you leave for the World Cup, make sure you back up all devices and data. Double check that all security updates are applied, and finally check your security settings. For example, ensure your sensitive data is encrypted.
2. Beware of social logins and limit the use of application passwords.
Almost every service you sign up for while on such trips now requests you connect using your social media accounts to gain access to whatever it is you are trying to do. The problem with using your social media account for these services is that you are providing and sharing personal details about yourself. This means you are giving these services the ability to continuously access your location, updates and personal information.
Tip: Use unique accounts, rather than social logins as those accounts get compromised, and cyber criminals could cascade to all the accounts using the social login.
3. Beware of what you do over public Wi-Fi.
Always assume someone is monitoring your data over public Wi-Fi. Do not access your sensitive data, such as financial information over public Wi-Fi. Do not change your passwords and beware of entering credentials while using public Wi-Fi. If you have a mobile device with a personal hotspot function, use this over public Wi-Fi. During vacations, it can be expensive if you decide to use the highly expensive data roaming options from telecommunication companies, so when using public Wi-Fi during vacation always make sure to use it with caution, securely and with the following tips in mind.
Tip: Do not use a public Wi-Fi network without a VPN. Instead, use your cell network (3G/4G/LTE) when security is important. When using public Wi-Fi, ask the vendor for the correct name of the Wi-Fi access point and whether it has security. It is common for cybercriminals to publish their own Wi-Fi SID with similar names. Disable Auto Connect Wi-Fi or Enable “Ask to Join Networks.” Many cybercriminals will use Wi-Fi access points with common names like “Airport” or “Cafe” so your device will auto connect without your knowledge. Do not select to remember the Wi-Fi network. Use the latest web browsers as they have improved security for fake websites. This prevents someone from hosting their own websites, like Facebook, waiting for you to enter your credentials. Do not click on suspicious links – even via social chats like videos that contain your photos – and beware of advertisements that could direct you to compromised websites. Use a least privileged user or standard user while browsing, as this will significantly reduce the possibility of installing malicious malware.
4. Beware of credit card skimmers.
It is going to be common at some point during your vacation that you are going to need to take out cash from an ATM. As simple as it may appear, this can sometimes be a very damaging experience if caution is not taken. Cyber criminals have targeted popular tourist locations for credit card skimmers. Credit card skimmers are very small devices which steal your credit card number and PIN code, even though it requires physical access, these are still very popular scams.
Tip: When on vacation or traveling, I usually find myself in need of visiting an ATM to take out cash (which is my biggest concern while travelling). Use an ATM inside rather than an outside ATM. The reason behind that is because the ATMs inside are less likely to be compromised and difficult for those shoulder surfers. Before placing your card into the ATM, check the card slot and PIN pad for any signs of tampering. Keep all receipts, and when you return home from your vacation change your credit card pin number and check your transactions. Try to use a credit card versus a debit card as you have better protection from fraud. These tips will help keep your money in your pocket and not put it into the cyber criminal’s pocket.
5. Before “clicking,” stop, think and check if it is expected, valid and trusted.
We are a society of clickers; we like to click on things (like hyperlinks for example). Always be cautious of receiving any messages with a hyperlink. Before clicking, ask yourself – “Was this expected?”, “Do I know the person who is sending this?” On occasion, check in with the actual person if they sent you an email before you aimlessly click on something in which might be malware, ransomware, a remote access tool or a virus that could steal or access your data. Nearly 30 percent of people will click on malicious links and we need to be more aware and cautious.
Tip: Before clicking, stop and think. Check the URL, make sure the URL is using HTTPS. In addition, check if the URL is coming from a legitimate source. Discover where the hyperlink is taking you before you click on it as you might get a nasty surprise.
The World Cup should be a time to relax, enjoy the amazing games and can be a great experience as long as you stay safe while attending. If followed, these best practices will help you avoid becoming the next victim of cybercrime.