9 tips to protect your digital privacy while traveling
This article was published in association with Bitdefender. You may be one of the most well-traveled and safety-conscious people in the world, but travelers in particular are at risk of being hacked, your identity stolen, and possibly falling into clever scams. As a former IT technician, I like to think I’m “above” in terms of technical prowess. But I was completely confused when I received an unexpected PayPal invoice from a company I worked with in the past. Turns out, it was a fake invoice, sent via PayPal, using that company’s name. And I’m not ashamed to admit that I almost paid the price. Scammers and hackers are getting smarter these days. Scaring you is not my intention, but it helps to be aware of digital security. Here, I’ve put together some of the most effective tips on ways you can keep your privacy safe while traveling, starting with the simplest tips. 1. Using this two factor authentication is the easiest app and will provide the most protection for the least amount of effort. Two-factor authentication, also known as multi-factor authentication (2FA or MFA), requires that you receive a one-time code via text message, email, or a secure authentication app like Google Authenticator. This gives you an extra layer of protection on top of your password. Whenever possible, you should enable two-factor authentication on your accounts. It is important to know that security questions are not a good security measure. Security questions are often a liability, because it is easy for hackers to find out. Your mother’s maiden name is no secret, and someone will likely find your cat’s first name from an old Facebook post. Another more secure version of MFA is a hardware authenticator like YubiKey, which requires you to plug in a mini USB drive to verify your identity. Just don’t lose it! 2. Protect your privacy with a VPN. Use a VPN. The concept of a VPN may seem daunting at first, but it is actually quite simple. A VPN protects your privacy by directing your Internet traffic through a secure data “tunnel”. It also encrypts the traffic, making it unreadable to anyone who finds a way to get into that tunnel. Moreover, the VPN will protect your important data, such as login credentials (usernames and passwords), banking information, and credit card details. Even if a hacker finds their way into your connection, they will only see nonsense instead of actual data. Bitdefender VPN is one of the best priced options on the market, offering an ultra-secure connection at an incredibly reasonable price. A VPN can also help you access blocked websites (depending on the country you’re visiting), VoIP services, and streaming services like Netflix and Amazon Prime. 3. Lock Your SIM with a PIN Worried that even if you enable 2FA, a hacker can still get into your phone and intercept the one-time-user code? You must be. This is a real-world scenario that has real-world consequences. And the solution is simple: block the SIM card with a secret number. Not only does it protect your phone number in the event your phone is stolen, but it also prevents any password-free SIM access — including from hackers. Depending on the type of phone you are using, you should be able to find your SIM PIN in your settings. For example, with an iPhone, just go to Settings and then Cellular. Note: You will have to retrieve the original PIN code first, also known as Pin Unlock Key (PUK). Just check with your service provider. 4. Watching scams and scams I am more and more amazed at how clever and deceptive scammers have become. Scams and phishing attempts are advancing, and sometimes I have a hard time figuring out what’s legitimate. Awful spelling mistakes and obvious fake emails are an obvious red flag, but that’s just the tip of the iceberg. First of all, don’t reply to text messages if you don’t know who the sender is. Scammers often send text messages en masse, and if you reply, you validate your phone number. They may try to hack your phone or use your phone number elsewhere for authentication purposes. Another call to lock your SIM card with a PIN code. Never click on links from emails or text messages from your bank or other social media platforms without checking everything (and even contacting your bank if necessary). Scammers will sometimes pretend to be your bank, send you low balance alerts via text or email, and ask you to click on a link. This takes you to a scam website that looks like the official website of a bank, and you end up entering your bank account details and getting robbed. Then there are the real-life messages from Facebook, Instagram, or other social media platforms. I recently received an email from Instagram that appears to be perfectly legitimate, saying that my content was copyright infringement. The link provided brought me to a fake website asking me to enter my Instagram credentials to view the breach details. If you get strange messages from a friend on Facebook or Instagram, wonder about everything. A few weeks ago, one of my Instagram friends asked me to vote for them in a contest. Of course, I said, and they asked for my phone number to send me a link to vote. Then they wanted me to photograph the link and send it to them. What really happened? They sent me the Instagram password reset URL and were looking to manually steal my account. Finally, don’t pay bills you don’t expect. This sounds obvious, but some people send legitimate invoices through PayPal and Quickbooks. It’s like spam, but instead of sending emails from fake email addresses, they’re sending legitimate invoices via legitimate platforms. Easy to get confused. 5. Using a password manager How many different passwords do you use? Hopefully more than one. For the highest level of security, you should use a different password for each account you have. These days, this is not just a suggestion, but a basic requirement. If you use one password for each of your accounts, someone else can use it to access every other account you own. Let’s say your Netflix account has been hacked — and now they have your primary password. If this password is the same as your online password, you are in big trouble. Of course, there’s no way you can remember dozens, hundreds, or even thousands of passwords (and if you store all your passwords in a Word document on your desktop… I don’t know what to tell you). With a password manager like Bitdefender, you can store all of your passwords in one secure “vault” and access them with one generic password. This means that you only have to use one password to access all of your passwords, and if one account is hacked, that security issue will be isolated to that one account. 6. Only make online payments with trusted sellers, I’m sure you’ve heard about all the usual credit card hacks, such as skimming (where debit card and credit data are stolen when the user is at an ATM). But credit card hackers are much smarter these days. We are constantly flooded with ads, whether it’s TikTok, Facebook, or Instagram – but it’s hard to tell which companies are legitimate. These companies may sell your information to outside companies. For example, one of my girlfriends kept hacking her visa. When she called to find out why, the rep told her to start reviewing all of her bank statements and remove any credit card statements held with the sellers. For one-time payments, some banks will give you a “virtual” credit card number, which is a virtual card template for your physical credit card. Bank of America will give you a unique card number inside a digital wallet that’s different from your physical card, so it can’t be accessed from your digital wallet if your phone is stolen. 7. Learn about the dangers of open networks Unsecured public WiFi networks can pose risks to your privacy and security, mainly because they are widely open to everyone. If you have no problem connecting to this network, no one else does. It’s kind of like leaving your front door unlocked. Eventually, an unwanted guest will enter. If a hacker uses the same open network as you, they can read all your messages, steal private data, and even infiltrate your devices to continue stealing data even after you’ve checked out for the evening. You can prevent this from happening by avoiding using public WiFi networks, especially if they lack password protection. It is also a good idea to avoid WiFi networks where the password is easily displayed (for example, in a coffee shop or in a hotel). You can also disable automatic connection, so that you do not automatically connect to open networks. Avoiding public WiFi networks completely is impossible, especially if you work on the go. If you have no other choice but to use such a network, consider strengthening the security of your device with a VPN. 7. Monitor your accounts On the subject of password protection, it is also wise to change passwords regularly and check if your credentials have been leaked. For example, if you are using Google Chrome, you can go to Password Manager > Privacy and Security and check for data breaches and security issues. I do this regularly (once a month or so). It’s very simple. Or you can use a useful program like Bitdefender Digital Identity Protection that will scan the web for personal data leaks and constantly monitor whether your accounts are exposed. Having a reliable identity protection service goes a long way in giving you peace of mind. 8. Use HTTPS Websites Only We’ve now officially moved on to the more boring technical parts of online security, but stay with me. HTTP has been the standard for years, but nowadays most websites use HTTPS to protect visitors from privacy violations. Like a VPN, HTTPS also relies on encryption to prevent attackers from intercepting data that is shared between a website and its visitors. This includes messages, emails, transfers, banking information, credit card details, and login credentials. The whole idea is that hackers will not be able to decrypt the data between you and a website if HTTPS is used. Modern web browsers, such as Google Chrome, display HTTPS sites differently than those that use HTTP. You can check if the website you are visiting is using HTTPS by taking a quick look at the address bar. HTTP sites are flagged as insecure, while HTTPS sites display a lock icon next to the URL on the left. Keep in mind that VPN and HTTPS are two completely different things: HTTPS only encrypts your browser traffic, but a VPN provides you with system-wide protection that covers all your internet-enabled applications (eg browser, email, SMS, etc.). The best thing you can do to keep your privacy safe is to double up on VPN use and also only connect to HTTPS websites (where possible). *** While every tip I’ve given here is pretty effective on its own, I recommend that you follow them all (or as many as you can) to make sure your online privacy is safe. The bottom line is that hackers and cyber attackers are getting smarter. When you stay on top of protecting your privacy, you’ll be able to avoid identity theft and a whole host of other problems. Pay attention to where you put your personal information, and you’ll be fine!