8 ways to cut your risk of fraud during holiday travel
Data breaches, unsecure Wi-Fi, ATM skimmers all pose risks.
Expert on fraud, travel and debt.
Before you take to the air, hit the road or board a train or bus for the holidays, a few quick checks could keep you and your loved ones from starring in your own version of “How the Cyberthieves Stole Christmas.”
The threats are out there. Major airlines, hotel chains and restaurants have been hit by data breaches. Gasoline pumps and ATMs have been rigged with skimmers. Your personal information can be intercepted when using public Wi-Fi. Cybercrooks stalk people on social media to steal their holiday gifts when they head out of town.
“You need to be a little bit paranoid,” says Ed Goodman, chief privacy officer at IDT911, which provides identity protection services.
You also need to be proactive. Here are eight ways you can protect yourself and your account info while away from home:
1. Alert your card issuer ahead of your travel plans.
Before leaving home, call your card issuer to let the company know where you’re headed, Goodman says. It serves a twofold purpose.
If making purchases at your vacation destination, you won’t have to worry about your credit card charges being turned down. And if purchases come in from a beach town in Florida while you’re skiing in Colorado, your credit card issuer will know to flag the transactions.
Most, but not all, card issuers ask you to let them know your travel plans, and online travel notification forms are now common.
2. Be wary of public Wi-Fi.
It’s convenient to connect to public Wi-Fi while waiting at the airport, in a hotel room or at a coffee shop, but you could be opening yourself up to having your personal and financial information swiped.
“Travelers need to understand the difference between ‘trusted’ and ‘untrusted’ networks,” says Mike VanDenBerg, cyber services managing director at KPMG, a tax and advisory firm.
Public networks such as hotel Wi-Fi, airline lounges and airports are inherently untrusted.
|-- Mike VanDenBerg,
Cyber services managing director at KPMG
“Public networks such as hotel Wi-Fi, airline lounges and airports are inherently untrusted,” he says. “That means you don’t know anything about the other devices on that network, and once you connect to it, you may become a target for someone with malicious intent.”
Make sure your computer firewall is working, he advises, and as an alternative to public Wi-Fi, use your smartphone to create a personal hot spot connection. Availability and use vary by phone and by network.
Even using your mobile device to access public Wi-Fi in shopping malls can have risks, according to Skycure, which helps secure mobile devices.
The company studied Wi-Fi connections at shopping malls around the nation, looking at both malicious Wi-Fi, set up by cybercrooks to steal your information, and risky Wi-Fi, which isn’t configured properly and can expose your data to cybercriminals.
The study found the highest number of risky Wi-Fi networks (14) at the Fashion Show Mall in Las Vegas. In the No. 2 spot was Tysons Corner Center in McLean, Virginia.
Before you head out – even to the mall for holiday shopping – or to that hotel where you’ve booked your reservation – you can check Skycure’s Security Threat Map.
3. Data breaches are now common.
United Airlines, American Airlines, Marriott International and Westin Hotels & Resorts are all trusted names in travel, but all have been hit by data breaches since 2015.
Both airlines reported that frequent flier mile accounts were hacked, with cyberthieves booking themselves free trips.
Several major hotel chains have reported recent data breaches, with credit and debit card information swiped by the bad guys. In many cases, payment systems in hotel restaurants, gift shops and bars were targeted.
A number of restaurant chains, including Landry’s and Wendy’s also have been hit with data breaches.
Data breaches increased 15 percent in the first six months of 2016, compared to the last six months of 2015, according to Gemalto’s Breach Level Index. Worldwide, there were 974 reported data breaches and 424 million compromised data records in the first half of 2016.
For your protection, VanDenBerg recommends using a credit card, rather than a debit card, for all your purchases. “The card number on your debit card literally grants access to your bank account.”
Although both your credit and debit card might provide purchase protection, “in the case of fraud,
it’s certainly easier and less stressful to contest a credit card transaction,
where money hasn’t actually left your bank account yet.”
4. Bogus hotel reservations are a new threat.
Consumers may be suckered by fake hotel booking sites that pop up when searching online for a hotel room, says John Breyault, vice president at the National Consumers League.
You might think you’ve reserved a room, when in reality the reservation was never processed, and you’ll turn up at your destination and have no place to stay. Worse yet, if you entered your credit card number on the fake booking site, fraudsters may have been charging on your card since you made that reservation.
“If you’re at all suspicious of the site you’re on, go directly through to the hotel’s website and book that way,” he says. Another option is using a well-known reservation site, such as Expedia.com.
5. Skimmers ‘are really, really hard to spot.’
Skimmers – little devices that can be affixed to gas pumps or ATMs – are designed to swipe the information off the magnetic strip on your credit card, and that can be used to create counterfeit cards, Breyault says.
There are a lot more people casing houses from the security and comfort of their own home.
|-- Ed Goodman
“They’re really, really hard to spot. The skimmers are getting more and more sophisticated,” Breyault says.
He recommends avoiding ATMs in areas that aren’t well-monitored, such at the back of a bar or hallway of a restaurant.
At the gasoline station, choose a pump close to the cashier, where it’s harder for the bad guys to install a skimmer unnoticed, Goodman says.
Until fuel pumps are outfitted with EMV technology (the EMV switch deadline is 2020), they will remain a last bastion for thieves, experts say. Another reason to be on the lookout in the weeks ahead: Skimmer fraud spikes during peak travel periods.
6. Avoid being taken for a ride.
If you’re traveling in an unfamiliar area, you might find your taxi, Uber or Lyft driver hasn’t set the meter or is taking the long way around to jack up the fare, Breyault says.
He advises traveling with an officially licensed driver. And if you’re suspicious at all, take a photo of his or her license number. “It’s a sign you’re not an easy mark.”
7. Watch what you post on social media about trips.
Before, burglars would target houses where newspapers piled up. Today they troll Facebook, Instagram and other popular sites to see if you’re publicly posting about your travel plans.
“There are a lot more people casing houses from the security and comfort of their own homes,” Goodman says. If you openly post about your Christmas gift haul, then head out of town for New Year’s, you might be inviting criminals into your home.
8. After your trip, check for fraud.
You should be particularly vigilant after a trip and check your credit card and bank statements for any fraudulent activity, Breyault says.
To make tracking travel-related charges simpler, VanDenBerg recommends switching the credit card you use when you’re on the road.
“Most of us have one preferred workhorse card, where auto bill pays and daily expenses are charged,” VanDenBerg says. “Consider using a different card for travel to make it easier to spot fraudulent transactions.”
- Lenders' right to offset: What you need to know – This little-known clause allows funds to be pulled from your accounts to pay debts ...
- Fed boosts rates another quarter-point – The Federal Reserve voted to increase its target federal funds rate by a quarter point, triggering an equal rise in APRs on credit card balances ...
- Supreme Court gives debt buyers a pass from collection law – In a unanimous Supreme Court ruling Monday, debt buyers can collect accounts they own without obeying the federal law that reins in professional debt collectors ...