The World Cup is only days away and everyone is on their way to Russia or simply planning when they will stream the games they care most about online.
When it comes to traveling, it is critically important to know how cyber criminals target their victims, what travelers can do to reduce the risk, and ways to make it more challenging for attackers to steal their important company or personal information, identity or money.
As the first games approach, here are four cybersecurity best practices that you can use to stay safe during the 2018 World Cup.
1. Don’t lose your data, stay protected and relax.
While on vacation or at the World Cup, it is a common place for things to get lost, misplaced or stolen. It can happen in an instance by simply forgetting your laptop on the bus or the taxi, or by being distracted chasing after your children – all while someone else walking away with your tablet or laptop. Whether it’s your personal or company laptop this can lead to major security risks, compromising your data. Realistically, this is the last thing you want ruining your trip.
Tip: Backup, update and encrypt. Before you leave for the World Cup, make sure you back up all devices and data. Double check that all security updates are applied, and finally check your security settings. For example, ensure your sensitive data is encrypted.
2. Beware of social logins and limit the use of application passwords.
Almost every service you sign up for while on such trips now requests you connect using your social media accounts to gain access to whatever it is you are trying to do. The problem with using your social media account for these services is that you are providing and sharing personal details about yourself. This means you are giving these services the ability to continuously access your location, updates and personal information.
Tip: Use unique accounts, rather than social logins as those accounts get compromised, and cyber criminals could cascade to all the accounts using the social login.
3. Beware of what you do over public Wi-Fi.
Always assume someone is monitoring your data over public Wi-Fi. Do not access your sensitive data, such as financial information over public Wi-Fi. Do not change your passwords and beware of entering credentials while using public Wi-Fi. If you have a mobile device with a personal hotspot function, use this over public Wi-Fi. During vacations, it can be expensive if you decide to use the highly expensive data roaming options from telecommunication companies, so when using public Wi-Fi during vacation always make sure to use it with caution, securely and with the following tips in mind.
Tip: Do not use a public Wi-Fi network without a VPN. Instead, use your cell network (3G/4G/LTE) when security is important. When using public Wi-Fi, ask the vendor for the correct name of the Wi-Fi access point and whether it has security. It is common for cybercriminals to publish their own Wi-Fi SID with similar names. Disable Auto Connect Wi-Fi or Enable “Ask to Join Networks.” Many cybercriminals will use Wi-Fi access points with common names like “Airport” or “Cafe” so your device will auto connect without your knowledge. Do not select to remember the Wi-Fi network. Use the latest web browsers as they have improved security for fake websites. This prevents someone from hosting their own websites, like Facebook, waiting for you to enter your credentials. Do not click on suspicious links – even via social chats like videos that contain your photos – and beware of advertisements that could direct you to compromised websites. Use a least privileged user or standard user while browsing, as this will significantly reduce the possibility of installing malicious malware.
4. Before “clicking,” stop, think and check if it is expected, valid and trusted.
We are a society of clickers; we like to click on things (like hyperlinks for example). Always be cautious of receiving any messages with a hyperlink. Before clicking, ask yourself – “Was this expected?”, “Do I know the person who is sending this?” On occasion, check in with the actual person if they sent you an email before you aimlessly click on something in which might be malware, ransomware, a remote access tool or a virus that could steal or access your data. Nearly 30 percent of people will click on malicious links and we need to be more aware and cautious.
Tip: Before clicking, stop and think. Check the URL, make sure the URL is using HTTPS. In addition, check if the URL is coming from a legitimate source. Discover where the hyperlink is taking you before you click on it as you might get a nasty surprise.
The World Cup is a time to relax and enjoy the amazing games. It can be a great experience as long as you stay safe while attending (or watching online). If followed, these best practices will help you avoid becoming the next victim of cybercrime.
About the author: Joseph Carson is a cyber security professional with more than 20 years’ experience in enterprise security & infrastructure. Currently, Carson is the Chief Security Scientist at Thycotic. He is an active member of the cyber security community and a Certified Information Systems Security Professional (CISSP).
This post was originally published on http://www.infosecisland.com/rss.html.