When I’m not out traveling the world, I’m working in cyber security. I have found that many of the tips and tricks I give to my fellow colleagues in order to keep them safe from hackers and identity thieves can also help my fellow travelers. Besides, nobody wants to be worrying about being hacked when they’re traveling. They want to be out enjoying the adventure! Without any further ado, here are my tips and tricks for cyber security while traveling.
Disclaimer: This post contains affiliate links. Find more information about affiliate links on our policy page.
Tip #1 – Keep Copies of Important Documents
If important documents get lost or stolen, you could be in for a world of hurt. It’s hard to enjoy a vacation or adventure when you’re worrying about how in the world you are going to get home because your driver’s license or passport was stolen. Keeping copies of everything can really come in handy.
For many of my documents, I keep digital and physical photo copies. The digital copies I keep on my phone and laptop that way I have easy access to them. I also keep the physical copies on me when I’m out and about (in my wallet, in my backpack, etc) and the real copies I keep locked away in my suitcase.
Suggestions of documents to keep copies of:
- Passport and visa
- Government issued ID (i.e. driver’s license)
- Insurance (travel and health)
- All prepaid confirmations (i.e. airline tickets, hotel reservations, car rental)
- Credit/Debit Cards
- Proof of citizenship (i.e. birth certificate)*
- Passport size photos (2in x 2in)*
Some people may disagree with having copies of your credit and debit cards, but if your cards are stolen, having the card details on hand may be useful.
Copies of your vaccinations may be useful depending on what country you visit, as some countries may require vaccinations that your home country does not.
Proof of citizenship and a passport size photo (in the US these are 2in x 2in) are also convenient if you need to get a replacement passport. Having these at hand will be one less thing you have to do in the process of getting your replacement.
Tip #2 – Bring a Max of 3 Debit/Credit Cards
When you are going on a trip, you don’t need to bring every credit and debit card you own. What are the chances that you would actually use your Target or Best Buy credit cards on your trip? If you’re traveling to another country, do they even have Target and Best Buy stores? The more cards you bring, the more you have to keep track of. Make cyber security while traveling easy and limit the number of credit and debit cards you bring.
Rely on your credit cards more than your debit cards. Debit cards don’t have nearly as many fraud and identity theft protections as credit cards. Many security professionals would recommend not even bringing debit cards. However, in many countries cash is still king and having a debit card may be handy if you need to withdraw cash. If you can use your phone or credit cards to make cash withdrawals, then you should probably leave your debit card at home.
On my trips, I take two credit cards and a debit card. I only use my debit card to make withdrawals from an ATM. As for credit cards, one of my credit cards I use as my primary, and I charge everything to this card. The second credit card I keep locked away in my suitcase. That way, if something happens to my primary card, I will still have access to money.
Tip #3 – Watch Out for Skimmers and Shimmers
Hackers don’t need to steal your physical credit or debit cards. They just need to steal the digital information on your card. Card skimmers steal the digital information in the magnetic strip in your card. It’s one of the most common dangers to cyber security while traveling!
With many credit and debit card companies now using chips, these are slowly becoming outdated. However, new card shimmers have been created to steal the information stored in the chip in your cards.
Ways you can spot credit/debit card skimmers:
- Look for devices that have been installed on the card reader (i.e. the card reader sticks out further than usual, you cannot see the lights on the keypad). Most skimmers pop or slide off. Consider slightly jostling the card reader before swiping your card.
- Some skimmers can now be placed on the inside of machines where you cannot see them. To combat this, many companies have added tamper evident tape to their devices. If the tape has been voided, do not swipe your card.
Ways you can spot credit/debit card shimmers:
- When you insert your card into the payment device, the card should only go in about halfway. If it goes in further, it may be a shimmer. Consider entering your card in the wrong way first to ensure that a shimmer has not been installed.
Tip#4 – Never Let Your Card Leave Your Sight
This travel security tip is not always easy or practical, but do your best not to let your credit/debit cards leave your sight. It’s never happened to me, but I’ve heard stories of waiters and waitresses having handheld card skimmers (mentioned above). Once they take your card in the back to ring out your bill, they run your card through their hand held skimmer and steal the card information.
Instead, consider taking the bill up to a counter or register instead of letting the waiter or waitress take it.
It might not always be feasible to keep your card in sight at all times, but do your best. If nothing else, it will ensure that you don’t loose it or accidentally leave it somewhere.
Tip #5 – Sign Up for Financial Alerts
One of the best and fastest ways to find out that your account or card has been hacked is through financial alerts. Many financial institutions allow you to set up alerts so you can get text or email notifications when they see unusual or large charges on your account. The sooner you know that your account has been compromised, the sooner you can do something about it and prevent the hackers from doing any more damage.
Tip #6 – Avoid Public Wifi
Most free WiFi networks (like the ones you often find at coffee shops and hotels) usually are not encrypted. This means that – in the right scenario – a hacker could possibly spy on your internet activity. Out of all of my tips for cyber security while traveling, this is probably the most frequently overlooked.
Your best bet is to avoid public WiFi altogether. If you have a decent cell phone data plan, consider using your phone as a WiFi hotspot to conduct all internet activity.
For various reasons, using a a cell phone data plan might not always be feasible (you have a small data plan, your cell provider doesn’t allow hotspots, etc). In these cases, your best bet is to use a Virtual Private Network (VPN). Using a VPN will encrypt your internet traffic, preventing hackers from spying on what you are doing.
My recommended VPN providers:
Tip#7 – Increase Device Security Settings
Before you leave, make sure to update your computer (your operating system, installed programs, etc). Some of the major breaches you hear about in the news could have been prevented if their systems had been up to date. Keeping your system up to date helps prevents hackers from taking advantage of known vulnerabilities.
This includes keeping your antivirus software up to date.
“In 2016, the cybersecurity company McAfee says it found four [new strains of malware] every second.” – Michael Thornton
Your anti-virus software can only detect viruses it knows of. Since new viruses are constantly being created, it’s important to keep your anti-virus software up to date so it can continue to protect you.
Also, if you don’t already, consider password protecting all of your devices. This way, if your device is stolen, it will be harder for the thieves to access the information you have on your device. You can add an additional layer of security by telling your devices to automatically lock if you’ve been idle for a certain amount of time.
For mobile devices such as phones and tablets (and even some laptops) you can install Find My Device (Android) or Find iPhone (iOS). This way if your device is lost or stolen, you may be able to locate it again.
Tip #8 – Backup Devices
Unfortunately it’s somewhat easy to lose devices when traveling. You are usually out of your routine and sometimes even out of your comfort zone, which can make keeping track of things difficult at times. You can minimize the damage of lost or stolen devices by taking a few preparation steps before hand.
Remove all files with personal information before your trip. This way, if your device is lost or stolen, none of your personal information will be at risk. For all the files you need to keep on the device, make sure you have backups (copies stored somewhere else).
Tip #9 – Create a New Email Account
This tip for cyber security while traveling might surprise a few people. Should you really go through the hassle of creating a new email account and making sure everyone important to you knows your new travel email address? Yes, most definitely.
Your email address is arguably your most important online account, possibly even more important than your online banking accounts. Why? If a hacker gets access to your email account, they can then go through the “forgot password” services of other websites and gain access to those accounts as well.
Think about how much personal information might be in your email account? Do you get financial statements or bills through email? Do any of the emails possibly contain your address or date of birth? How much damage could somebody do with the information in your email inbox?
You should definitely consider creating a new email address and giving it out to your friends and family before your trip. That way, if your new email address gets hacked while you are traveling, you won’t be in danger of having any of your other accounts or personal information compromised.
Tip#10 – Get an RFID Wallet
RFID stands for Radio Frequency Identification. It can be used in many things, but when it comes to cyber security while traveling, the important things for us to be aware of are credit/debit cards and passports. If your credit or debit card is RFID enabled, you can simply hold it close to payment devices to pay for something (instead of swiping or inserting it). Similarly, passports that are RFID enabled allow for easy scanning of the passport in order to get the information on the identification page.
Note that not all credit/debit cards and passports are RFID enabled. There are a couple of ways to tell whether or not your credit or debit cards are RFID enabled. They will either have four curved lines that look like the Wifi symbol (seen in the picture above), or somewhere on the card it will have “PayPass”, “payWave” or “blink”. RFID enabled passports will have a square with a line through the middle and a circle in the center seen here.
Studies by cyber security experts and hackers around the world have proved that they can commit “electronic pickpocketing.” With an RFID skimmer, they could brush up against you as they walked pass and possibly steal the information contained in your RFID enabled cards and passport.
Is this a real threat? It’s definitely not the most common thing in the world, but this reddit story shows that it does actually happen. In order to protect you from RFID skimming, RFID blocking wallets and sleeves have been created to keep your cards and passport safe.
If you don’t have RFID enabled cards and passport, you definitely don’t need an RFID blocking wallet or sleeve. On the other hand, if you do have RFID enable items, it’s up to you to decide whether the risk is worth the investment.
If you like you to err on the side of the caution, here are some RFID blocking technologies:
Tip #11 – Get a Password Manager
Do you write all your passwords down in a notebook? Do you bring that notebook with you when you go on trips? What would happen if that notebook were to be lost or stolen?
If I get the username and password for just one of your accounts, one of the very first things I will do is try that username and password on every other website I can think of. For that reason, it’s important to have a different (and strong) password for every account that you have. However, multiple complex passwords can be incredibly difficult to remember. We have new adventures to chase! We don’t have time to memorize complex passwords.
With a password manager, you only have to remember one password: the password to sign into the password manager. The password manager remembers all your other passwords, and they’re stored in an encrypted vault. Password managers allow you to keep your accounts secure without the hassle.
My password manager recommendations:
Tip#12 – Set Up Multi-Factor Authentication (MFA)
Multi-factor authentication means that more than just your password is required to login to an account.
Multi-factor authentication usually uses two of three authentication factors. Authentication factors are something you…
- Know (i.e. your password)
- Have (i.e. a random code on your phone)
- Are (i.e. fingerprint)
Many popular websites such as online banking and social media websites have multi-factor authentication. Enabling MFA means that, even if somebody gets ahold of your password, they won’t be able to access your account without also having your phone. It can really give you peace of mind that your accounts will be safe while you are on your trip.
Bonus Tip – US Citizens – Enroll in STEP
The United States has something called a Smart Traveler Enrollment Program. It doesn’t help you stay “digitally” secure, but helps the U.S. Embassy contact you in an emergency. It can also provide you with safety information about your destination. Enrolling in STEP can help keep you physically safe when traveling.
When You Return Home
Digital security is just as important when you return home as it is before and during your trip. Many hackers and identity theives won’t use the information they’ve stolen right away. Even after you return home from your trip, make sure to keep an eye on your email and financial accounts for anything you don’t recognize.
Another tip is to change all the passwords for your accounts (some password managers can simplify this process). If one of your accounts was compromised, changing the password will prevent hackers from accessing it any further, hopefully limiting the possible damage done.
Do you have any experiences with dealing with identity thieves or hackers when traveling? Do you have any tips for cyber security while traveling that you feel like I missed? Feel free to share in the comments below!