Whenever you go on holiday, you end up taking all your personal data. The information on your personal phone, laptop or other smart device is at more risk of being compromised or stolen on holiday than when you’re at home or work.
While vacations are all about family time, the digital evolution has opened up new to your privacy and data, especially since we’ve become so addicted to posting photos on social networks and even taking a quick peak at work emails.
Since internet access or roaming usually means costs, the common belief is that connecting for a short while to a free hotspot can’t be that harmful. However, things couldn’t be further from the truth. By connecting to an attacker-controlled free Wi-Fi to check your email or social media account, you could lose more than just your account password – you could lose critical data from your device as well.
Last Call for Boarding
While airports have really tight physical security, there’s still room for improvement when it comes to rogue Wi-Fi hotspots. There have been numerous social experiments involving security experts who set up such benign hotspots just to find out if and how many people would actually connect to them.
Surprisingly, a great deal of people fall for the “Free Airport Wi-Fi” – and related – network names, connecting both their mobile devices and laptops to such unsecure networks. Once connected, attackers can start collecting passwords.
Latte, Mocha and Your Passwords
On vacation you need your daily dose of caffeine and there’s no place like the coffee shop around the corner to get a fix. Before actually venturing out into the wild and interacting with friends and family, you might want to sit down and enjoy the steaming brew while checking your Facebook account and perhaps going through some emails.
Since most of these places offer a free Wi-Fi connection, users will often connect to it. However, that might not always be a great idea as an attacker could set up a rogue network bearing the name of the coffee shop – or something similar- and start altering or recording your traffic as soon as you connect. You might end up delivering your passwords or even installing malware via some social engineering tactics to the attacker, as your attention is not really at its peak without that important dose of caffeine in your blood.
Hotels are also a popular choice for attackers who want to deploy their own rogue or malicious Wi-Fi hotspots, as guests usually implicitly trust any hotspot name that has the hotel’s name in it. To this end, it’s usually a good idea to call the front desk and request the name of their official Wi-Fi network, along with the password.
Best practice dictates that you also let them know if you spot a similarly-looking Wi-Fi network that’s unprotected, so they can start investigating if it’s a rogue network.
Next Stop, Data City
As a tourist, you’ll probably have to use the train or some public transportation every now and again to get around. Rogue and attacker-manipulated Wi-Fi hotspots can be set up even in the train station or your friendly bus station, especially if tourists are often nearby and using them.
The more crowded with tourists a location is, the more likely attackers will try to find a way to get your data or even get ahold of your physical devices. To this end, having some sort of anti-theft solution that allows for remote data wiping capabilities would also be a great idea.
Even when you’re by the swimming pool or at the beach and you get the urge to post a selfie, new status update or make some banking transactions, make sure that it’s not while your connected to an open Wi-Fi network. Chances are that that’s a rogue Wi-Fi owned by an attacker that’s hoping to catch that big fish and gain access to your accounts, including your bank account.
Just Mobile Data
If you really must perform any type of online activity, use your mobile data and, if you must connect to any type of Wi-Fi, just make sure that you also have a VPN installed along with a mobile security solution. Otherwise, you risk losing more than just your accounts, but also some of your vacation money if you’re not careful.