There’s a new wave of scams to watch out for this summer. We are sure that there are many people among you who are preparing to go on vacation with the warming of the weather. However, experts warn you should be careful with hotels, which are one of the biggest scam spots these days.
According to a report by Nord VPN, scammers can steal your passwords by setting up fake WiFi connections. They can even switch USB ports to retrieve your data using a technique called “juice jacking”.
Account hijacking accounts for around 15% of all scams globally. According to data compiled from businesses globally, about 136 million instances occurred last year.
Nord VPN claims that hackers can use cybersecurity vulnerabilities in hotels to target vacationers and even reach rooms. So, below we share with you some tips you can use to avoid losing your data to scammers this summer.
1. Fake WiFi networks
Hackers use two methods to steal people’s passwords and personal information using a hotel’s WiFi network.
The first is to connect to the hotel’s WiFi and install malware. The second is to create a fake WiFi hotspot with an unsuspecting name such as ‘guest’ or ‘free WiFi’, called ‘evil twin’.
All the scammer has to do is set up a fake WiFi network with a convincing login page that asks for your name and email address, prompting you to create a username and password. After obtaining this information, they try to log into your bank accounts using a technique called authentication testing. This gets even easier as many people still use the same username and password combinations for all their online accounts.
After obtaining your information, they can also try a fraud scenario by calling you. For example, they may tell you there is a problem by faking your bank. Of course, they will try to convince you with sentences such as “we can see from your transactions that you are on vacation”.
If you want to avoid these risks, you should ask the person at the reception for the WiFi name and password. You can also use a VPN service to encrypt your data and prevent third parties from intercepting it.
2. Unreliable USB charging ports and chargers
Some hotels place USB charging ports in hotel rooms for visitor use. If you go to a hotel abroad, the country’s socket types may be different. Therefore, USB charging locations will be your only option. Of course, this can also put you at risk of becoming a victim of cybercriminals.
Hackers use charging cables in public places to install malware on phones to carry out this attack called ‘juice jacking’. This attack allows hackers to steal your passwords, credit card information, personal information and other data.
Usually the safest way to charge your device is to plug it in. Otherwise, it’s in your best interest to carry a portable charger or USB data blocker. If you plug your phone into a charger and your phone shows you a prompt like ‘allow access to this device’, don’t allow it.
3. Smart TVs
A smart TV can become a tool for cybercriminals. Smart TVs seized by hackers can be used to track you through their cameras or to steal your information that you use to log in to applications on smart TV. Then they easily sell them on the dark web.
The best thing to do in this situation is to unplug the smart TV when not in use. Turning off the camera and not logging in with your credentials will also reduce these risks.
4. Automatic WiFi connections
By disabling the auto-connect feature on your devices while on vacation, you can reduce the cybersecurity risks caused by unreliable internet connections around you.
The hacker group DarkHotel is well-known for targeting the WiFi networks of luxury hotels. Unfortunately, cyber attacks can be difficult to prevent completely when it comes to professional hackers. Since the group only selects high value targets, it tailors its attacks to each target and is highly convincing.
If you think that your data or device may have been compromised during your vacation, change your internet banking and credit card passwords immediately. Then do not forget to notify your bank of the situation. Never reuse the same password, especially for areas such as financial services, and the password you use should not be easy to guess.