Don’t Let Digital Highwaymen Spoil Your Summer Adventures

Highwayman Robbing Coach Sketch
A Highwayman holds up a coach, illustration by E.A. Holloway 1923

After more than a year of remote work and learning, summer vacation is calling, and families are ready to roam! According to the American Automobile Association (AAA), more than 47.7 million Americans will travel this Independence Day (July 1-5) ( Hall 2021 ), a 40% increase in travel volume over last year. Most travelers (43.6 M) plan to load the car and hit the road, participating in the age-old American road trip tradition, stopping at roadside eateries, gas stations, motels, and attractions along the way. Others (3.3 M) will travel by air, burning some extra summer daylight in airport shops, restaurants, and boarding areas.

As you embark on your summer adventures, don’t forget the basics—hat, sunglasses, sunscreen, snacks—and remember that even as you encounter new places and friendly faces, digital highwaymen are ready and waiting to intercept your devices and personal information.

Caleb Barlow, Vice President of X-Force Threat Intelligence at IBM Security, cautions travelers, who typically carry “a goldmine of data while traveling, including passports, payment information, and detailed travel itineraries.” Cybercriminals use these data to create a detailed picture to “inform identity theft, initiate spear phishing attacks, or be sold on the dark web” (Kane 2019).

Don’t let cybercrime ruin a great time. Travel can be difficult, disorienting, and distracting, making it easy to compromise security for momentary convenience while traveling. If you plan to travel, protect yourself by following the recommendations below:

  1. Never charge your device at a public USB station. Cybercriminals modify these stations to download your data and install malware on your device. Instead of using a public USB station, bring your own backup battery bank for charging on the go. 
  2. Don’t connect to public Wi-Fi networks and disable auto-connect on your devices. Also, disable auto-connect on Bluetooth devices for additional security.
  3. Avoid using your debit card to pay for things. When using an ATM, choose a machine inside a bank branch or at the airport. Criminals are less likely to tamper with these continuously monitored machines.
  4. Monitor your loyalty rewards accounts, which are as good as cash to cybercriminals. Use strong passwords on these accounts and set up multi-factor authentication if it is available.
  5. Avoid verbally sharing your trip details while you are out and about while traveling.
  6. Avoid sharing trip details (e.g., departure dates and other travel plans) online in publicly accessible places like social media. Hold off on posting vacation photos until you return home to avoid inadvertently sharing where you are or that you aren’t at home. 
  7. Set a passcode and turn on your auto-lock screen on all devices.
  8. Enable multi-factor authentication whenever possible.
  9. Update your devices and apps before your departure to ensure the most recent security patches protect you.
  10. Back up your devices to a secure server before your departure. If your device is lost or stolen while traveling, you won’t also lose your data.
  11. Connect to the internet using a Virtual Private Network (VPN). WashU’s OnTheHub store offers several VPN options at a discounted prices for faculty, staff, and students.
  12. Shred your tickets, boarding passes, luggage tags, and any other travel-related personal information when you’re finished using them.
  13. When you return home, scan your devices using antivirus and malware detection software, and change your passwords in case your devices were unknowingly compromised while traveling.

Using these strategies, you can protect yourself and your data from cybercriminals while traveling or anytime. We wish you happy and secure travels! Thank you for all you do to protect yourself and help keep WashU secure.