As the summer holiday season approaches, cybersecurity provider Check Point Software Technologies Ltd. is warning the public to remain vigilant due to increased cyber risks targeting both individuals and organizations.
Despite airport delays, rising costs and continued uncertainty surrounding COVID-19, international travel this summer is expected to grow 11% from pre-pandemic levels.
In the rush to catch up on their vacations, for some their first in three years, travelers are likely to neglect cyber security and face risks related to their online activity. Cybercriminals are well aware of this vulnerability and, if anything, ramp up their efforts during the summer season.
According to the report Threat Intelligence Report by Check Point Research (CPR), the global average number of weekly attacks on travel and leisure organizations increased by 60% in June 2022 compared to the first half of June 2021.
In the period May – August 2021, attacks on these sectors saw a 73% increase and this year is likely to see a similar surge, with one of the key trends involving hackers impersonating established brands with phishing attacks, as vacationers search for last minute vacations and travel, hotel and attraction deals with delayed availability.
Figure 1 Phishing email impersonating Delta Airlines
Figure 2 Deceptive Delta Airlines page
A potential vacationer who clicks on a phishing email or provides their login information over an unsecured public Wi-Fi connection could face personal risk in terms of credential theft, as well as lead to financial losses. However, there is also an even more serious risk to their employers.
The trend toward so-called hybrid vacations, where people work remotely for part of the summer vacation, makes this threat even more real. Personal laptops, tablets or mobiles often provide criminals with easy access to corporate networks, especially if BYOD devices are not adequately secured.
Meanwhile, corporate networks themselves are most vulnerable this time of year or even on weekends and holidays throughout the year. With security operations teams working understaffed, cyber attacks can go unnoticed until it's too late and the damage has been done. A case in point was the ransomware attack on Kaseya's network on July 4 last year by the Russian-speaking criminal gang REvil, which affected over 1000 organizations worldwide, in addition to around 15 similar attacks per week during May and June, according to with CPR.
For many of us, this may be our first time traveling abroad since the pandemic, and as such there may be some elements of our travel routine that we may have forgotten, including cyber security habits. This is highly desirable for opportunistic hackers looking to take advantage of lax behavior and unprotected devices. It is also a risk at an individual level in our hyper-connected world, as well as for any organization with which a person communicates, including their employer, said Michalis Bozos, Sales Manager Greece & Cyprus, Check Point Software.
By planning ahead, individuals can look forward to their vacation knowing they have taken simple but necessary precautions to secure their devices while protecting their employers' networks. That's why Check Point has put together ten top tips to help consumers stay safe during the summer months.
Top tips to keep your devices secure
1. Treat public Wi-Fi hotspots with caution. Η δωρεάν πρόσβαση Wi-Fi είναι ελκυστική, αλλά μπορεί επίσης να ενέχει κάποιες σοβαρές απειλές για την ασφάλεια. Δεν είναι ασυνήθιστο για τους χάκερ να κάθονται στα αεροδρόμια, περιμένοντας τους ταξιδιώτες να μπουν σε public networks Wi-Fi, ώστε να μπορούν να εκμεταλλευτούν τους ανυποψίαστους ταξιδιώτες. Αποφύγετε τελείως τα μη ασφαλή δίκτυα Wi-Fi αν είναι δυνατόν, αλλά αν πρέπει να τα χρησιμοποιήσετε, αποφύγετε την πρόσβαση σε προσωπικούς λογαριασμούς ή ευαίσθητα δεδομένα ενώ είστε συνδεδεμένοι σε αυτά τα δίκτυα.
2. Pay attention to those around you. Το άτομο που κάθεται δίπλα σας στο αεροπλάνο ή ενώ περιμένετε να επιβιβαστείτε στο αεροπλάνο σας μπορεί να έχει κακόβουλη πρόθεση. Κάποιος μπορεί να κοιτάζει πάνω από τον ώμο σας ενώ εισάγετε τα στοιχεία της πιστωτικής σας κάρτας ή ενώ συνδέεστε στα μέσα κοινωνικής δικτύωσης. Είναι έξυπνο να προμηθευτείτε ένα προστατευτικό προστασίας της screenς, το οποίο μπορεί να σας βοηθήσει να κρύψετε τις πληροφορίες σας από τα αδιάκριτα βλέμματα.
3. Double-check the websites you make travel reservations on. Travel-related cyberattacks can happen even before the trip begins, so it's vital to check the travel website you use. Scammers like to impersonate genuine websites and pretend to offer luxury vacations or discounted travel in order to steal your personal information. If an offer looks or sounds too good to be true, it probably is. Before proceeding, thoroughly research the company offering the deal. Use a credit card for travel transactions, not a debit card. Credit card companies often have fraud protection in case you fall victim to cybercrime, whereas with a debit card, your money is likely gone.
4. Pay attention to language Mistakes. In this case, we are not talking about learning the local dialect, but rather be aware of any spelling or grammar mistakes, as well as authoritative phrases that push you to make hasty decisions, as this could indicate that something is not right. it's going great. That's because cybercriminals rely on people not taking the time to look at the small details that might signal an email or message isn't legitimate. To stay protected, always take an extra minute to verify the authenticity of a message, especially if it's trying to get you to reset your login details, as once a hacker gains access, it won't take long to wreak havoc.
5. Never share your credentials. Most people reuse the same usernames and passwords across multiple online accounts, which is why credential theft is a common target of phishing scams. Therefore, you should be extra careful whenever you are asked for your login information. Phishing emails/messages usually impersonate well-known brands, impersonate customer support specialists or even impersonate your employer. To keep your accounts safe, never share your credentials via email or text, and enter them online to access services only after you've authenticated the site by going directly from the program browsing you have selected.
6. Turn off automatic Wi-Fi/Bluetooth connections. There may be a default setting on your smartphone to automatically connect to an available Wi-Fi or Bluetooth network, which may allow malicious actors to gain access to your device. Make sure this feature is disabled to prevent cybercriminals from hacking your device.
7. Use multi-factor authentication. When you are on vacation, you may need to access important services that contain confidential or financial data. To be safe, use a multi-factor authentication (MFA) process to ensure that you are the only person who can access these services and that you are notified if an unauthorized person attempts to connect.
8. Download the latest security updates. Before you get ready to leave for your trip, make sure all your devices are up to date with the latest security updates. This way you will keep them protected from the latest known threats.
9. Get informed about the latest attacks. It's a good practice to do some research on the latest attacks going around so you don't fall prey to any tricks threat actors might use to spread ransomware. Remember that not all scams are based on phishing and that you could still be exposed to provide your credentials over the phone or SMS.
10. Be suspicious of ATMs. Avoid withdrawing money from ATMs, as hackers, especially in tourist areas, have been known to attach credit card skimming devices to stand-alone ATMs. If it is necessary to use one, find an official bank machine, preferably one located within the lobby of your trusted bank.
