Blog / It’s Beginning to Look a lot Like Christmas – Cyber Crimes Are Coming to Town…
Another year has almost come and gone, so now it’s time for another round of Christmas shopping. At the same time, many people also travel during this season. So, how about some advice for both parties?
That was a conversation I had with one of my work Colleagues last week, so you can thank Chris Penn, our Marketing guy, for this one. Don’t tell him that I thought it was a great idea. So, here are some simple tips and best practices to help keep you a bit safer, as you travel around or shop from home this Christmas.
A Couple of Travel Tips
When it comes to travel, most people will find themselves spending a large amount of time in an airport or a hotel room, or both. So, what are some simple things that you can do to keep yourself a little safer?
1) Don’t plug your devices into an unknown USB charge port
USB is a technology that was never designed for Security. It’s kind of like a credit card, in that it was designed to be convenient, and it is! The problem is when you start thinking like a bad actor and look for ways to exploit it. It’s possible to build a computer that is small enough to fit-in the housing of a USB plug that looks for specific devices, and then reprograms them when they get plugged-in. This would happen with no interaction or notification to the user and would be undetectable to any Anti-Malware or Security software that was installed. It would be cheap to build and wouldn’t require a high degree of specialized knowledge.
This is nothing new and has been public knowledge for a long time. It’s why the US military doesn’t allow USB on their bases (or at least they didn’t a few years back and I doubt that policy has changed.)
How do you charge your devices then?
A) Bring along a rechargeable battery – There are lot of rechargeable USB batteries that you can buy, very cheaply. Use one of them to charge your USB devices from.
B) Charge your devices off your laptop (if you bring one) – Plug your laptop into the wall and your device into the laptop. Your laptop may have USB ports on them, but the difference is that it’s known. You can reasonably say that nobody unknown has messed with it, without your knowledge. This isn’t something you can affirm, when it comes to a USB charge point in an Airport or Hotel room.
2) Be careful when you use unknown Wi-Fi networks (secure or not)
The reason is simple: You don’t know how that network is configured. It may be set-up to monitor all of the traffic going through it. There might be a compromised device in that network scanning the traffic. The point is, you don’t know; so, is it worthwhile taking the chance by doing something important or sensitive?
Some simple precautions:
I) Avoid using unsecured networks – When your device sends traffic over a network, you need to remember that the Antennae that sends your traffic is not directional. Information is being spewed in all directions. So, an unsecured network means that anyone could monitor your traffic, without needing to even connect to the network. A secured network adds a layer of encryption around all the wireless information sent through it.
II) Don’t do anything with your finances when using an unknown wireless network – Secured or not, it’s best simply to do any sort of online financial activity when you can’t vouch for the configuration of the network. Banking, credit cards and online ordering are all big money items, and well known. Thus, if someone was going to go through the effort of compromising in the first place, these sorts of activities make good targets.
III) Tether your Phone to your Laptop, to do your finances – It’s a simple matter to have your phone provide a Wi-Fi network that you can connect to and then do all your financial stuff. Just remember to make sure you disconnect your phone from any Wi-Fi network it’s connected to, so your information gets sent over your cellular network. Remember to keep this activity to a minimum, since those data limits show up a lot faster then you might expect, and Roaming charges can skyrocket very rapidly.
Some Online Tips:
3) Be careful using your Credit Card online
Often credit cards are the only way to do online ordering. Most of them come with the built-in ability to easily contest an unknown charge, by calling up the credit card company. Having a credit card that is only used for online shopping is ideal. This way, any unusual activity is easy to spot. Also, since you only intend to use it online, setting the charge limit to be something lower then normal is useful. For example: I have a VISA that came with a $15,000 limit. If I intended to use it exclusively for online shopping, that limit would be excessive.
4) Install Anti-Malware software on ALL your devices
Most people understand that you should use Security software on your computers and laptops. However, many tend to forget that this includes tablets and other smart devices, like phones. It’s not just individuals that are guilty of this; I’ve done multiple Security audits and I rarely see an organization that has Security software on their phones. Having Anti-Malware software installed doesn’t mean you will never get a virus, but it certainly improves your defenses, so don’t forget about it! It should be installed anywhere it can be (and kept up-to-date with a subscription.)
5) Use Strong, Unique passwords… EVERYWHERE!!!
Passwords in the old days used to have very strict length limits (8-12 characters maximum.) Under those conditions your best Security was to make passwords very complicated. As a side effect, they were hard to remember. Most passwords now don’t have limitations like that, so go for broke on length! Also, don’t be afraid to use full words, since they can be easier to remember. Some simple suggestions:
– iWasBornOnNovember1819##
– SpiritRiverIs@SmallTown1011
– iLikePi3.14159265359
With passwords like that, it’s easy to remember a lot of different ones (assuming you can remember that many digits of Pi.) That way you don’t need to use a password manager. Also, if you use a different password on all the websites you frequent, you won’t have to go around changing all your passwords, if one of them gets compromised.
Stay safe by keeping a healthy level of paranoia when it comes to your electronic safety! It is easy to go overboard, but it’s worse to have a laissez-faire attitude and not do enough.
If you have any questions about keeping yourself Cyber Safe, you can always reach out to your TRINUS Account Manager for some stress-free IT.
By Kind Courtesy of Your Friendly Neighbourhood Cyber-man.