On a trip - whether on business or on holiday - it is easy to overlook security measures he takes when he is at his home. According to Kaspersky Lab specialists, there are certain and simple things everyone can do to make sure that a hotel's Wi-Fi access is secure or secure when buying tickets online.
In addition, there are simple solutions even if your device is lost or stolen.
Some hotels, restaurants or business centers sometimes offer free tablets to their visitors. While working on these devices, users tend to leave a lot of private information, which could potentially be used by digital criminals. No one can know if a keylogger or some other malware is installed on these devices and intercepts keystrokes, such as connection details.
These devices, according to Kaspersky, should only be used for visits to informative websites and never for online shopping or business purposes, such as editing documents or linking to sites that require a password.
2014, Kaspersky Lab published information about the targeted Dark Hotel campaign, which used a number of effective tactics to invade hotel networks, even on systems that were considered private and secure.
Digital criminals waited for their victims to connect to the hotel's Wi-Fi network. They then blurred the candidate targets, who "folded" and installed a backdoor, which was supposed to be an updated version of a legitimate software.
As soon as the backdoor entered the system, according to Kaspersky, it "downloaded" in turn the most advanced tools for data collection, intercepted all keystrokes and searched for temporarily stored passwords in browsers and other personal information.
In any case, the software must always be up to date. However, if the update needs to be done during a trip, download updates should be made directly from the official sites of the providers.
If your computer displays messages informing you that software updates should be made, users should not click a random button to download and install an update as "update" could turn out to be malware.
If sensitive information is to be used, users should use one secure connection. In general, it is advisable to avoid the use of public Wi-Fi networks, especially if the network is not password protected as hackers can set up Wi-Fi hotspots in public places (eg airports) to intercept data .
Often, these hotspots have a name that seems to belong to an official body according to Kaspersky. For this reason, it is useful to confirm the exact name of the legitimate Wi-Fi service each time.
Additionally, it is recommended to use password-protected networks. Even if the code of Wi-Fi is freely available to all, it still provides protection. This is because this shared code is used to generate unique keys for each user, so that users' data cannot be decrypted by anyone else, even if they know their Wi-Fi password.
In case online markets according to Kaspersky (eg tickets for a show or hotel reservation), it is good for every user:
- Verify that the service you are using is secure (see green padlock, encrypted linkHTTPS).
- Have a dynamic antivirus program with built-in safe money
- Have a unique password for each of their accounts and implement some form of control identity two-factor on whatever website he uses. That is, it should confirm any connections via SMS or an email based on the security code. If a user receives a two-factor authentication notification when they're not trying to log in to a system, that's a pretty good indication that the computer should be security scanned and a new password entered (because it probably means someone has gets hold of the password and tries to log into the account).
- Use a kind of transaction guarantor (eg 3D Secure or Verified-by-Visa) that requires a one-time passcode to be entered before a transaction is completed.
Beyond that, attention should also be paid to physical security, as data can be compromised every time someone leaves their computer unattended while traveling.
Devices may be lost or stolen. Thus, reasonable precautions include setting a password if one does not already exist - although this only offers a low level of protection, as it is required to enter a code each time after a relatively short period of inactivity.
Also, it's a good idea to disable booting from a CD or USB drive in the BIOS so hackers can't bypass the password. After that, users should set BIOS password to prevent possible changes to BIOS settings.
It is also good for users to take preventive measures and become familiar with anti-theft functions and solutions.
For example, the free Kaspersky Phound! for smartphones or tablets, as well as Kaspersky Lab consumer products such as Kaspersky Internet Security - Multi-Device, can help with a number of functions, such as locating the device on a map using GPS, GSM or Wi-Fi networks , the activation of the Alarm function that continues until the owner enters a secret code or even the removal of all personal data.
"Many people today travel with smartphones, laptops and laptops tabletsor using equipment provided on the trip. When you quickly make your suitcase for a trip, when you are at a hotel or an airport, it's easy to overlook even the simplest security measures, such as backing up or encrypting vital business data.
Then, there are threats such as the loss of passwords or "infection" by digital criminals through unreliable public payloads using a USB connection. You should take precautions on your travels just as you would at home, commented o Stefan Tanase, Senior Security Researcher of Kaspersky Lab's Global Research and Analysis Group.
