Travel Insider: Don't take a vacation from Internet security
You may be vulnerable to hacking while traveling. Here are some tips to avoid a breach.
Whenever possible while you're traveling, use a hard-wired connection (DSL or cable) rather than public Wi-Fi unless you are carrying your own Wi-Fi hotspot. Above, passengers at San Francisco International Airport. (David Butow)
Until this happened to me, I thought strong passwords were for other people. Now a hacker knows where I went to school, where I bank and the names of my cats.
Using free Wi-Fi hotspots while traveling and having weak passwords may have made me more vulnerable. I've spent countless hours trying to explain to everyone in my contact list that I am not stranded in London and those emails asking for money weren't from me.
"Passwords should be long and strong," said Michael Kaiser, executive director of the National Cyber Security Alliance, a nonprofit public-private partnership focused on cyber security awareness and education. He recommends using a variety of letters (upper and lower case), numbers and symbols.
Rob Calvert, a business technology security expert and president of Second Son Consulting Inc. in Sherman Oaks, reminds travelers that they have some unique concerns if they access email or other personal information using free Wi-Fi or public computers on the road.
"Security and convenience are at odds with each other," Calvert said. "You need to find the sweet spot in the middle that satisfies your paranoia." (The use of https addresses, for instance, adds an encryption layer, although not every website offers this feature.)
Travelers need to be cautious about how much they share online and may want to post vacation photos after they return home, said Fran Maier, president of Truste, founded in 1997 to protect consumer privacy online. Travel companies such as Air Canada, Priceline and Avis Budget Group have received Truste's certificate for protecting consumers' privacy.
Here are cyber security tips from these experts:
Before you travel
Back up your devices (smartphones, laptop, etc.) and protect them with strong passwords. Delete any personal and financial data not essential for your trip. You can restore it from your backup when you return. Use software such as the iPhone's "Find Me" feature, which allows you to remotely wipe data off your phone if it goes missing.
Keep phone and laptop software up to date because updates frequently contain security patches.
Invest in Internet security software whether you are on a PC or Mac. Turn your Mac's firewall on (the default setting has it turned off). Be careful about online fixes: A current "MacDefender" scam dupes Mac owners into installing software that plants a Trojan horse so your credit card information can be swiped.
Create temporary trip passwords for all accounts you may access on the road. Change passwords every three to four days over a secure connection. If you use Skype or similar programs over free Wi-Fi when traveling abroad, change those passwords more frequently.
Whenever possible, use a hard-wired connection (DSL or cable) rather than public Wi-Fi unless you are carrying your own Wi-Fi hotspot. The DSL connection in your hotel room is generally more secure than any free Wi-Fi network you may find in the hotel lobby.
Use only encrypted Wi-Fi networks or your phone's more secure cellular network (if affordable). If you can't find a secure connection, consider spending time offline and disconnect for your own protection.
If you want to recommend an article to Facebook friends, cut and paste the URL into a Facebook post rather than clicking to share the link (which Calvert said could inadvertently leak information about your Facebook account).
Don't click on pop-up windows that claim your computer is infected; don't even click on the "X" to close the pop-up box. Instead, immediately force quit your browser. On a PC, hit "control, alt, delete" and select the Task Manager to close the browser. On a Mac, you select "Force Quit" under the Apple menu and force quit Safari.
Beware of public computers. Malware that can memorize your keystrokes could be lurking inside. Unless you know that the public computer at a library, youth hostel, hotel, etc., is safe, don't use it for anything more personal than directions to a restaurant, movie listings, etc.
If a site has an http and an https address, choose the https address. For example, it's safer to log into Facebook at: https://www.facebook.com.
Helpful cyber security and privacy websites:
— Facebook's Security tips: https://www.facebook.com/security.