Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Travelling Safety. Show all posts

Experts Alert Travelers Against Sharing Photos of Boarding Passes Online


After giving hours to work – each day, every week, for months – checking in at the airport possibly represents an exciting time, for travelers who have waited long for the much-needed rest and recreation.

One may also want to capture this moment and share a sneak peek of their journey with their pals, starting with clicking a little picture of their boarding pass to post on social media. However, cyber experts have advised the vacationers against this, since doing so could be a risk to their privacy, or even lead to their information getting into the wrong hands. 

While modern boarding passes do not contain any outright personal details and only contain information like the person’s name, flight number and seat number, certain codes could be used by a hacker to further get hold of a victim’s information.

Josh Amishav, Founder and CEO of data breach monitoring company Breachsense, explained "Your frequent flyer number, name, and passenger name record are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorised purchases.”

"Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data," he says.

The threat does not end here, since this is not the only way a boarding pass can be used by an unauthorized body to access a flyer’s information. Another case that comes to light is the illicit usage of contents of a lost or stolen boarding pass.

Thus, there are several measures and precautions one must keep in mind in order to protect oneself from falling prey to such cyber incidents. Here, we are listing some of those measures: 

  • Always make sure that the boarding pass is safe with you; never put it in the pocket of the airplane seat or toss it in a hotel trash can without first shredding it up. 
  • It is crucial to properly dispose of printed boarding passes when one is done with them and no longer needs them in order to prevent the information contents from falling into the wrong hands.
  • In case one is posting picture of their boarding passes, or any documents from their trip on social media, it is recommended to edit those pictures in a way so it does not display any important detail.  

Travel HACK: Why you Should not Share Photos of Your Boarding Pass Online

You are done packing the bags, you put on your airport look and now you are all set to board the flight to your dream vacation. You might as well want to post a picture of the trip, or share a picture of your boarding pass. But wait, doing this recklessly may cost you your privacy.

While boarding passes do not include some outright personal information like an address or a phone number, they do involve certain codes that would work well for a crime actor to find information about you

The documents may appear to be nothing more than travel keepsakes outside of their primary use at the airport, but they are much more informative than many travellers realise. According to Amir Tarighat, CEO of cybersecurity company Agency, "people often think, like, 'Just this information isn't enough to compromise (me)' but that's not how the attackers view that information." Boarding passes possess information like the flyer’s legal name, your ticket number, and passenger name record (PNR), a six-digit alphanumeric code specific to their reservation.

Meanwhile, Amir Sachs, founder and CEO of cybersecurity and IT company Blue Light IT said, “Using the PNR and your last name, a hacker can have full access to your booking information, which will give them access to your phone number, email address, and emergency contact information.” Getting a hand to an individual’s PNR also lead to a passenger’s frequent flier number, Known Traveller Number (associated with Global Entry and TSA Pre-Check), and redress number (associated with the Department of Homeland Security’s TRIP program).

With all the aforementioned information, one can easily change a passenger’s booking. In fact, all you need to change or cancel flights online is your name and PNR; a password is not required. Additionally, someone may simply steal a hard-earned frequent flier miles if they gain access to their frequent flier account, which does require a password. Moreover, much worse issues await if a hacker gets hold of a victim’s details through their boarding pass.

Josh Amishav, founder and CEO of data breach monitoring company Breachsense explains, “Your frequent flier number, name, and PNR are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorised purchases[…]Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data.”

While these risks do not stop at posting your boarding pass online, you might as well want to skip the entire printed boarding pass to reduce the risk of data being compromised from a discarded or lost slip. Researcher and senior technical director for cyber safety brand Norton explains, “Consider using a mobile boarding pass to ensure no physical copies will be left behind in your plane seat pocket, boarding area, or somewhere else where scammers can easily grab it.” One may consider that travel apps too could be hacked, so compromising digital boarding pass is not something entirely safe either.

Even though one may get quite lucky to avoid any such issue, posting a photo of your boarding pass online is not worth the risk. Thus, being mindful in taking cautionary measure could save you from any trouble. If you are adamant on posting a picture of your boarding pass online, you can use photo-editing software to hide away that information, or you can skillfully stage your photo so that none of the identifying details are visible, which will also include the barcode.

“Hackers can use barcode scanners to steal information from boarding passes shared online or left behind in airplanes and airports[…]Depending on the airline, a barcode scanner can unveil a flier’s airline account number, associated email and phone number, and your flight’s confirmation code — information that could all be used to make a phishing attack look more realistic,” explains Roundy.

It is also advised to post your travel photos on a delay— ones you are back from your travel, as Sachs says, “Keep your info safe and save the travel bragging for when you’re safely back home!”  

Travelling? These Are 5 Tips For Better Online Safety

 

Using your electronics while travelling is extremely risky, regardless of when you go or why. The risk to your privacy and problems with online safety when travelling are the two things that will ruin a vacation the quickest. Despite your best efforts, will you actually be able to disconnect while you're on the road? It's likely that you scroll while at the airport or login to your work email while you're flying, post on social media, or both. You can easily jeopardise your credentials and privacy if you're not careful. Take into consideration these tips for traveller's internet safety. 

Be wary of free wifi 

Although it may be alluring to connect to the free Wi-Fi at your preferred restaurant, hotel, or airport, doing so gives hackers access to your computer while you're utilising a shared network. Any information from your internet activity, including credit card numbers, email addresses, login credentials, and images, can be accessed by a hacker playing the man in the middle in this precarious situation. 

Also, it gives threat actors a way to spread malware on your machine. When a hacker has access to your personal information, they can act in your place and access your online accounts. Turn down your Wi-Fi when not in use and stop your device from connecting to Wi-Fi and Bluetooth automatically to address this security issue. This increases the security level and increases the battery life of your device. Don't access personal messages or explore sites that need logging in if you must use public Wi-Fi. After your session is over, promptly disconnect. 

Avoid scanning random QR codes 

You've certainly heard of email phishing, but what about "quishing"? There is a word for everything, right? Due to their practicality and frictionless nature, QR codes were widely used during the pandemic. As a result, QR code phishing emerged as a new type of online scam. 

Texas scammers covered genuine QR codes on parking metres with phoney ones. Those who utilised the metres were sent to fraudulent websites that requested their bank and credit card information. Atlantan drivers have reported seeing phoney parking fines with QR codes on their windscreens that lead to fraudulent websites requesting billing information. 

Watch out for skimmers

The purpose of credit card skimmers is to take credit card information as soon as you swipe to pay at legitimate gas pumps, ATMs, and other payment stations. The information on your credit cards can potentially be stolen by criminals by placing a skimmer device over your wallet. A shield will be put in place between your card and the skimmer if you use an RFID-blocking card holder. On physical card readers, watch out for tampering evidence such mismatched colours or materials close to the screen, card slot, and keypad, and refrain from swiping if something seems off. 

Don't share your location 

It makes sense to want to post trip information and pictures on your preferred social media platforms. But if criminals are following your area, doing so makes you a running target for them, making it simple for them to break into your home or hotel. Be sure that your location isn't being shared in images and turn off location sharing on your phone. To ensure your privacy and security, it's best to report about your adventures once you go home.

Use virtual private network (VPN) 

While travelling and disconnected from your home or workplace network, use a VPN to keep a secure connection. By encrypting your website traffic using a VPN, you make yourself harder to target for hackers searching for a simple victim because they can't see the websites you're visiting.

Final remarks

It's not always simple to acknowledge that we are responsible for our own online safety while travelling. Regrettably, it's the way things are in the world. So remember these tips instead of defying reality. You may relax easier and have a less stressful vacation by staying safe online, whether you're nearby or thousands of miles away.