Hotels/Airports/Rental Cars/Travelers – Information and Best Practices
Steve Bartels – SIA Hotels/Benefits Representative
Hotel Guest
*Scammers target hotel guests by pretending to be calling from the front desk, requesting personal information and credit card details. The fraudsters are c laiming to be hotel managers or front desk clerks reporting an error with their booking, asking the guests to clarify credit card numbers over the phone.
*Hackers may exploit the fact that travelers are not as likely to check credit -card statements as thoroughly as usual.
*Remember those huge terms of service documents at the bottom of the sign-in pages on hotel computers? Assume the hotel is logging what Internet sites you visit and, might be modifying the information you’re seeing while connected to their network.
*Credit cards in general are far superior to debit cards when it comes to insulating you from damage done from a payment-card breach. Try to have a separate card just for travel – if a breach happens, your main card will be insulated and you will still have access to funds.
*Be Careful about Bluetooth Connections – You may think nothing of pairing your Smartphone with your rental car. But did you know that information is sometimes stored after you terminate the connection? That means that your contact lists and other data could be left behind. Before you turn in your keys, make sure your data has been deleted.
The Danger of Open W i-Fi
Many people set their phones to find and connect to accessible WiFi networks. While this can help reduce your mobile data consumption, it can also expose you to significant risks. Open WiFi, whether paid or free, must be approached with caution because any WiFi network not protected by a password is vulnerable to attack.
Check Before You Connect
Did you know that names of WiFi networks are manually created? This means that anyone can name a network anything they want. Scammers set up “rogue” and “evil twin” networks with names that sound trustworthy, such as “Airport WiFi.” Once connected to a scammer’s network, your data is in their hands. To be safe, check with a hotel employee or trusted sources before you access an open WiFi network.
Use Secure Networks
Ensure that “https” is present in a Web address before accessing a secure site. Whenever possible, hold off on doing any financial transactions on WiFi until you’re on a known, secure network. If you’re connected to a website via a secure protocol, such as ht tps, then the connection between you and that website is encrypted.
Mobile Devices
For approximately $3,000, a hacker can set up a miniature cell phone tower that fits in a backpack and capable of intercepting cellular calls and SMS messages. For about $200, a hacker can set up a special wireless router that is capable of impersonating those set up by hotels. People who surf the web or transmit sensitive information would be victims without knowing it.
V P N
Hotels may support Virtual Private Network connections. Once connected in that fashion, the data on the laptop is far more secure. A virtual private network (VPN) adds a layer of encryption and security that is valuable when using any unknown connection.
INTERNET OF THINGS POSES OPPORTUNITIES FOR CYBER CRIME*
The Internet of Things (IoT) refers to any object or device which connects to the Internet to automatically send and/or receive data. As more businesses and homeowners use web-connected devices to enhance company efficiency or lifestyle conveniences, their connection to the Internet also increases the target space for malicious cyber actors. Similar to other computing devices, like computers or Smartphones, IoT devices also pose security risks to consumers. The FBI is warning companies and the general public to be aware of IoT vulnerabilities cybercriminals could exploit, and offers some tips on mitigating those cyber threats.
What are some IoT devices?
Automated devices which remotely or automatically adjust lighting or HVAC
Security systems, such as security alarms or Wi-Fi cameras, including video monitors used in nursery and daycare settings
Wearables, such as fitness devices
Smart appliances, such as smart refrigerators and TVs
Entertainment devices to control music or television from a mobile device
What are the IoT Risks?
Criminals can use these opportunities to remotely facilitate attacks on other systems, send malicious and spam e-mails, steal personal information, or interfere with physical safety.
*Taken from www.fbi.gov/scams-safety/e-scams
O nline Hotel Booking Scams
*Of the 2.5 million online bookings each year, it is estimated that $220 million worth of potential hotel revenue is received by rogue vendors. In addition to lost reservations, guests face additional cancellation and booking fees. The American Hotel and Lodging Association recommends reserving rooms directly with the hotel, by phone or through its official website. Double check the URL to make sure the website is not a disguised third-party vendor. Be aware of the cancellation and trip -change policy. Third-party vendors may not permit changes or refunds. If it is a secure payment website, the URL will display a lock icon and begin with https:// instead of http://.
If you feel that you have fallen victim to an internet crime, please report to: www.IC3.GOV which tracks internet-related crimes and complaints and refers them to regulatory agencies for investigation.