Hackers are working overtime to steal your next vacation
Hackers are trying to steal your vacation. They’re coming after your personal data, your credit card information and your loyalty points.
Worst of all, they might already have them.
Consider what happened to Jill Frankfort, a teacher from Boston who recently lost 150,000 American Airlines frequent-flyer miles. She didn’t find out about the break-in until months after the crime, when she tried to redeem her miles for an international trip. By then, the miles were long gone and the airline couldn’t help her.
“Travelers are often in a hurry, distracted or on autopilot while traversing public places,” says Mark Ruchie, the chief information security officer for Entrust Datacard. “They don’t notice when unusual activity occurs on their accounts – making them easy targets for hackers.”
Not only that, but the methods hackers use to commit their crimes have evolved as well. Advanced technology and tools that used to be exclusive to governments are now available to the bad guys.
Your miles are on the dark net
For Frankfort, the discovery of her missing miles was devastating. She’d worked hard to earn them, going out of her way to give her business to American Airlines.
“There were transactions for tickets that I did not authorize,” she recalls, including business-class tickets from New Delhi to Doha, Qatar. “I think it’s important for people to know that airlines do not insure frequent-flyer miles from fraudulent usage as credit card companies do with fraudulent charges.”
American said it wouldn’t help her because the transactions had happened six months earlier but restored 25,000 miles as a goodwill gesture.
“The black market for frequent-flyer accounts is consistently growing,” says Justin Lavelle, a director for BeenVerified (beenverified.com), an online background check platform. He says at least half a dozen online markets have listings created by criminals who have stolen frequent-flyer miles. They then try to resell the miles. It’s often difficult to detect the crime, since many folks don’t check their accounts that often, and the theft may go undetected for weeks or months.
Experts say you should change your passwords often and consider using a service such as AwardWallet, which allows you to track your loyalty programs.
Stay off public Wi-Fi
Another way hackers steal your vacation is by stealing your identity when you log on to a public Wi-Fi network at an airport or hotel.
“Cybercriminals can create a rough copy of your online presence to open up accounts in your name, pretend to be you in online transactions or even masquerade as you on social media to your friends, family and colleagues,” says Mike Tanenbaum, head of Chubb Cyber North America.
The result: At a minimum, a lot of your personal data could be compromised, which can take a while to untangle. But at worst, you could lose money.
Tanenbaum recommends using a virtual private network for online transactions, which provides enhanced security while traveling.
“Avoid conducting banking transactions or accessing your personal financial accounts while traveling, and wait until you get home to complete these types of activities,” he says. If you think your identity has been compromised, place an initial fraud alert on your file with one of the three credit bureaus – Experian, Equifax or TransUnion – and change all of your passwords and PINs. Report your identity theft to authorities.
They may already have your personal information
Most unsettling to travelers is the real possibility that their credit card numbers or passwords already have fallen into the wrong hands, because of numerous data breaches.
David Bryan recalls a transaction in a seafood restaurant on a recent visit to Brazil. The business rejected both of his credit cards. Finally, he offered his debit card and typed his PIN, successfully paying for his ceviche.
Two days later, Bryan’s bank notified him of potentially fraudulent activity on his debit card. “I called the bank, and they asked me if I withdrew money from an ATM in Brazil. I told them no, I’m not even in the country anymore,” he says.
Fortunately, the bank canceled his debit card and reversed the charges.
“Thankfully, there were no lasting issues for me. In hindsight, I knew something was amiss at the restaurant, and that must have been where my information was stolen,” he says.
His advice: Don’t use your debit card at stores or restaurants that may not have the security to protect their point-of-sale systems. If you use an ATM, select one inside a bank branch or inside an airport, where the chance of tampering or skimmers on the ATM is reduced. And stay off any public computers.