Hackers use boarding passes people post online to hack travelers.
A recent survey showed that almost 85% of travelers are worried about being hacked while traveling. Cybersecurity experts from NordVPN say that the risks of being hacked increase drastically for those who share too much information about their vacation online.
An “airport selfie,” or a photo of a traveler’s boarding pass and a passport, is a popular way to let social media followers know they are going abroad. However, a boarding pass contains personal information that can help hackers to ruin the vacation.
“Even if only the barcode of your flight ticket is visible in the picture, hackers can scan it and find out such information as a traveler’s full name, reservation number, passenger name record, and sometimes even contact information,” says Adrianus Warmenhoven, a cybersecurity expert at NordVPN. “This data can later be used by the hacker to ruin a traveler’s vacation by canceling their return flights, stealing money from their payment cards, or even stealing their identity.”
What can a hacker do with the information from your boarding pass?
After scanning the barcode, hackers can use the data to get into a passenger’s airline account, steal their mileage points, or change details for upcoming flights.
Suppose the passenger is not a frequent traveler and they have not collected many mileage points for criminals to steal. In that case, a hacker might call a traveler up during their trip pretending to be the airline representative and ask for credit card details to confirm a return flight, for example.
Cybercriminals can also gather more information about their victim on social media and then try to call the airline, pretending to be a traveler. Boarding pass information and other valuable details they may find online can help criminals trick even the most secure travel agency or airline company into sharing their customer’s information.
After collecting this huge amount of data about their victim, criminals can proceed to sell this data on the dark web or even worse, steal the victim’s identity, enabling the hacker to commit fraud like opening credit card accounts or making unauthorized purchases.
A safe way to share vacation photos online
“While posting your boarding pass is never safe, there are ways to share your vacation with your followers and stay secure online at the same time,” says Adrianus Warmenhoven.
- Always post photos after you are back from vacation. It’s better to hold off posting photos or information that indicates you’re vacationing while you’re away. Don’t let your followers know your home is empty at the moment.
- Make sure your account settings are set to private. One of the most important pieces of information to know before you post anything online is who you’re sharing your information with. Make sure that your account settings are set to private and your posts are visible to your friends only instead of everyone on the internet.
- Never share personal information on social media. Remove personal details, such as your home address and telephone number, from your profile pages because there, they are easily accessible by anyone. Don’t make status updates sharing your location. And never ever post photos of your passport, plane tickets, or any other documents.
- Be careful with free public Wi-Fi. If you eventually decide to post anything online while abroad, ensure your connection is secure. Cafes, shops, and even hotels offer unsecured Wi-Fi networks. Users need to be especially cautious when connecting to these networks because they are easily monitored. Hackers may position themselves as a Wi-Fi hotspot or use special software to steal data from unprotected networks. One of the best ways to safely use public Wi-Fi is by installing a VPN.