Holiday Travel And Cyber Security: Be Safe When Using Public WiFi

You may anticipate an uptick in crime whether you’re going or staying home since criminals utilize the holidays to prey on gullible visitors and online shoppers.

Holiday travel has made airports busier than ever. You arrive at the boarding gate with more than an hour to wait before your flight home after standing in what seemed like never-ending queues.

While connected to a public Wi-Fi network without data encryption, you choose to examine a few emails.

Unfortunately, a rival is waiting to catch their trip home at the same airport.

While they wait, they continue to be logged into the same open Wi-Fi network as you and are collecting unencrypted network data.

They may observe every website you visit, which unintentionally divulges private information.

If you decide to travel over the holidays, you’ll probably experience increased security risks from criminals who prey on gullible tourists.

Due to their lack of familiarity with the local area and their propensity to make expensive purchases, travelers are frequently the top targets for thieves. Pickpockets may target wallets, and criminals may try to break into vacation rentals or rented automobiles, as well as seize handbags or shopping bags.

Travelers should always be mindful of their surroundings and should refrain from wearing or carrying high-value things out in the open.

Those who travel should be cautious about cyberattacks when they are overseas.

Travelers are especially vulnerable to physical device theft, identity and data theft on public networks,

1.malware installation,
2.targeted ransom assaults,
3.and cryptojacking, which uses a victim’s device to mine cryptocurrency.

What can you do to safeguard your mobile device?

Wireless local area networks that are open to the public and do not need a password are known as public Wi-Fi networks.

Unfortunately, a large number of public Wi-Fi access points and hotspots do not provide encryption.

1. While using public wireless networks while traveling is practical, sensitive data may be exposed if a mobile device is not adequately protected and connects to a public Wi-Fi hotspot.
2. This is because networks without data-in-transit security measures run the danger of having sensitive data on them being accessed by unwanted eavesdroppers.
   Employees may work remotely from a variety of public locations, including hotels, airports, and coffee shops, using public Wi-Fi.

On their portable mobile devices, users of public Wi-Fi may hold private, sensitive, and/or confidential information, or they may utilize such devices to remotely access corporate resources.

If information is compromised, a business might suffer substantial injury, financial loss, or reputational damage.

What does listening in mean?

1. A data-in-transit attack known as eavesdropping occurs when a third party intercepts, changes, or deletes data being transferred between two devices.
2. When a person connects to an unencrypted, unsafe network, an attack may take place.
3. An attacker would be aware of the domains, internet protocol (IP) addresses, and services (indicated by port numbers) to which the device connects; an attacker could use this knowledge for an adversary-in-the-middle attack against the device or the user even if the transmitted data was encrypted by the application.
   Such exposure could potentially lead to the theft of personally identifiable data (PII).

Theft of PII is exceedingly risky and raises serious issues.

PII may take many different forms, including:

1. login passwords,
2. financial information,
3. personal data,
4. photographs,
5. location information,
6. and special device identifiers like the International Mobile Equipment Identity (IMEI)
7. and the Universal Device Identifier (UDID).
   Once a malicious party has access to a user’s login information and logs into their personal accounts and sites, they may do harm or steal personally identifiable information (PII).

This happens when the user’s mobile device network data is not encrypted.

An opponent may intercept information exchanged over the Internet using public Wi-Fi.

Reduce the Threat

1. Individuals or businesses may be careful to use secure connections to websites and services in order to lessen this hazard. Several alternatives include:

2. A virtual private network (VPN) solution can guarantee that all data going to and coming from their apps is encrypted before it leaves the device;

3. Websites that utilize HTTPS, or Hypertext Transfer Protocol Secure, which is HTTP sent via Transport Layer Security, assist in maintaining the confidentiality and integrity of data and confirm website authentication;

4. Stay away from using unsecured public WiFi, such as those offered by hotels, airports, and cafés;

5. Enabling remote wiping on all devices;

6. Get business travel insurance to limit possible losses from lost or stolen data or equipment.

Public Wi-Fi networks might not offer data-in-transit protection, but with the right safeguards in place, their convenience can be used with greater assurance. Bring Your Own Device (BYOD) for mobile device security.

NIST Special Publication 1800-22 has further details on how to safeguard against these and other possible mobile risks.

Holiday Online Shopping Safety

Online Christmas shopping provides a perfect chance for crooks to use schemes and cyberattacks to target consumers and tourists.

Your identity might be stolen, your credit card information could be used to make transactions, or harmful software could be installed on your personal devices.

These frauds and schemes take many different shapes:

Internet fraud.

Emails, advertisements, or dubious websites that offer sales, deals, and hard-to-find brand-name goods but, upon delivery, are not what was promised.

Scams may also emerge as social media postings, often passing for holiday promotions or giveaways that promise coupons, gift cards, freebies, competitions, and fake or phony goods.

These techniques often aim to deceive users into disclosing personal data that may be exploited for fraud or identity theft.

Phony charities

False charities may be established by perpetrators to deceive people into giving to real charity organizations.

Cold calls, email promotions, crowdfunding websites, phony social media profiles, and websites may all be used as means of solicitation.

Counterfeit gift cards

Shoppers may get counterfeit emails, calls, or messages from people posing as friends asking them to buy several gift cards for either personal or professional reasons throughout the holiday season.

The subsequent purchase of goods and services—which may or may not be legal—is made possible by the gift cards.

The following steps can help you avoid Holiday shopping frauds online:

1. Before entering financial or personal information on websites, be sure they are legitimate.
2. On your devices and in your personal and professional accounts, enable multi-factor authentication (MFA).
3. To create and preserve unique passwords, use strong passwords and a password manager.
4. If a deal seems too good to be true, it probably is, especially if the seller is unknown.
   Avoid clicking links in emails or texts from unknown senders, and double-check any “known” senders.

Holiday Cyber Safety Tips For Your Home

Homes stuffed with presents and valuables make particularly attractive targets for thieves, whether you’re traveling or remaining home for the holidays.

These evildoers are probably on the lookout for locals who are taking lengthy vacations and leaving their houses unoccupied, making them easy targets for break-ins.

It can already be too late by the time you discover a burglary has taken place.

While you are absent for short intervals at a time, burglars can target your automobile or home.

Criminals may follow you home from the shop after watching your social media to determine your purchases and travel plans.

Be on the lookout for people dumping pricey presents and goods. In one incident, two armed thieves entered a Los Angeles house during a party and took jewelry, phones, and other items from the visitors.

To keep your house secure throughout the holidays, take the following precautions:

1. Avoid posting about your trip on social media or posting notes on your door notifying your neighbors or delivery services of your absence. Instead, get in touch with them personally and give them instructions for the time being.
2. To create the illusion that someone is home, leave some lights on and/or a radio or TV on low level while you are gone.
3. Lock all windows and doors because opportunistic robbers often alter their targets when even a little amount of deterrent is present.