How to avoid cybercrime while travelling

For those of us old enough to remember it, travelling was tough before digital technology. You had to call the airline to check your flights, decipher crumpled maps to find your way around, and stay in touch with friends through postcards that arrived late (or never at all).

Today, digital technology has given travellers the power to manage every part of their journey, even on the go. Confusing physical maps have been replaced by ever-updating directions on your phone, bookings can be made and changed at the push of a button, and finding the best restaurant in town is only a Google search away.

Technology has improved almost every aspect of the travel experience, but it has also posed some new threats to travellers. Data theft, fraud and hacking are now things that everyone should prepare for, but how can you can keep yourself and your devices safe overseas?

Should travellers be worried about data security?

Just like you protect your bags from pickpockets, you should protect your electronics from digital thieves. After all, you might be on holiday, but thieves aren’t.

The Office of the Director of National Intelligence (a US Government agency) goes as far as to say that, “Assume that when you travel, you have no privacy, and all your communication might be watched.” Whether it’s financial details, travel itineraries, or other sensitive personal information, your devices contain a treasure trove of valuable data and should be protected.

Thankfully, there are several simple strategies that travellers can use to protect their devices overseas. We’ll get to those, but first let’s look at five data threats to watch out for.


5 data threats travellers should know

Most travellers don't think twice about travelling with their electronics. They might be careful not to drop their phones in the hotel pool, and keep their laptops out of sight when walking around town, but cyber security isn’t at the front of mind. However, there are several ways your data could be in danger.

1. Using public Wi-Fi networks

Whether it’s from a coffee shop, a shopping mall, a restaurant or just a city-wide connection, countless places offer public Wi-Fi networks. While they might be convenient for tourists finding their way around a new city, they’re also particularly vulnerable to hacking.

According to leading computer antivirus software company, Norton, “All information on unsecured public Wi-Fi is easily viewed by others using the same network if they know the simple tricks that cyber criminals use to eavesdrop on whatever you do online."

Their study found that out of people who used public Wi-Fi connections:

  • 22% accessed banking and financial information
  • 56% logged into social media accounts
  • 38% shared photos or videos
  • 58% logged into a personal email account

This sensitive information is often captured by hackers who exploit poor public Wi-Fi connections using a ‘man-in-the-middle’ attack.

How to avoid: Instead of relying on public Wi-Fi hotspots, buy a prepaid SIM card from a local mobile phone shop. They can be inexpensive and include enough data to use your vital apps like maps, messages, banking and booking. Best yet, you’ll be on a secure network while browsing.


2. Bluetooth connections

Just like unsecured Wi-Fi networks, Bluetooth connections can provide hackers with a window into your devices. Bluetooth is most commonly used for file sharing and connecting one device to another (like connecting your phone to a car or a portable music speaker).

The greatest risk here is that if you keep your phone’s Bluetooth pairing on, it will always be searching for devices to connect to, which can be exploited by hackers.

How to avoid: The trick here is simple: turn your Bluetooth off! This is easily done through your phone, laptop and tablet settings, depending on your device type.

3. Touch ID passwords

If your smartphone was built after 2016, chances are you’re familiar with using Touch ID technology to unlock your device. Touch ID allows you to access your phone by using a fingerprint instead of a password, however there have been mounting concerns around the security of the technology.

In fact, as far back as 2014, a security research company managed to construct a working model of the German Defence Minister’s fingerprint using a photograph of their hand. Other research conducted by the New York University reveals that so-called ‘master prints’ could be created to fool scanners 65% of the time. There are also concerns surrounding Touch ID involving thieves using an unconscious victim’s hand to unlock their device. Likewise, facial recognition and iris scanning authentication have been found to be fooled by photographs.

How to avoid: It’s wise to be cautious about using Touch ID as an authentication on your device, especially as the technology can now be used to make payments and access bank accounts. For the most part, Touch ID is a secure option, however it can always be improved. Consider using two-factor authentication to access your accounts, which add an extra layer of security.


4. Stalking

Have you ever shared an update to your social media feed while travelling? Or maybe you’ve even written a blog post on your travel experiences, and mentioned your next destination?

Technology allows us to stay connected with friends and family like never before. But it also means your travel plans can be there for all to see. Stalking is a common technique used by hackers, which involves building a profile of your personal information with a goal to obtain control of your finances.

If a skilled hacker can see your full name, date of birth, home address, email address, mobile phone number and next destination all from your social media accounts, they might have enough information to obtain control of your bank accounts, as happened to Financial Review columnist Shelley Gare. They could then cancel your accommodation booking at your next destination, and have the money refunded to your bank account (which you no longer control).

How to avoid: Just like you wouldn’t walk around with a t-shirt printed with your full name, email address, home address, phone number and next destination, you shouldn’t post this information on your social accounts for all to see. Ensure your privacy settings are as secure as possible, so you have full control over who sees your posts.


5. Removable media

When it comes to protecting your devices, you may only think of your phone and laptop. However, removable media such as USB sticks, SD cards, CDs and cameras can also provide hackers with a way into your sensitive data.

How to avoid: Keep tabs on all of your electronic devices, no matter how small or seemingly insignificant. When you’re out and about, leave all electronics locked securely in the hotel safe. Better yet, think twice about whether or not you need to bring all of these devices with you overseas.

Data protection checklist for travellers

Protecting your data from cyber criminals may sound like a complicated task, but with these simple strategies they’ll be left looking for an easier target:

  • Don’t post your travel plans on social media networks. If you do, ensure your privacy settings are set so that only friends and family can see your posts
  • Set up a temporary email address to make travel bookings. It’s a good idea to separate your work and personal accounts from what you’ll be using day-to-day to book hotels, tours and restaurants
  • Reduce the number of devices you take with you
  • Avoid using public Wi-Fi networks
  • Always have your Bluetooth turned off
  • Be wary of strangers who take an unusual amount of interest in you, your work or your travel plans
  • Don’t leave electronic devices unattended

Do you have a tip about travelling with technology? We’d love to hear it! Send us an email at and tell us more.

 The content of this article is general and provided for information purposes only. Southern Cross Travel Insurance (SCTI) doesn’t guarantee or warrant the accuracy, completeness or currency of the articles.

This article may contain hyperlinks to other websites owned or operated by third parties, or references to third party products or services. SCTI isn’t responsible for, and makes no recommendation about, the content or accuracy of any third party website, or for the suitability or performance of any product or service. The inclusion of a link in this article doesn’t imply that SCTI endorses the website or third party product/service.