Holiday hotel hackers are after your valuable data – and they will even use the TV in your room to steal information. You might be chilled out in your accommodation but it can be a cyber-security hotspot filled with risk.

Virtual private network (VPN) service NordVPN is warning UK tourists that fraudsters and scammers are preying with techniques such as ‘evil twin’ wi-fi connections and ‘juice jacking’ USB ports. The room’s smart TV can also be a gateway for hackers who want to grab your data and sell it on the dark web.

The firm’s cyber-security expert Adrianus Warmenhoven said: “You don’t need to be at home or the office for your data to be stolen – cyber-criminals will happily break into your phone at your hotel. Hackers can use a hotel’s cyber-security vulnerabilities in several ways to reach you. While you’re on vacation and away from your home internet connection, you should be cautious and manage cyber-security risks.”

Here, NordVPN reveals the five key ways hackers can target your vulnerable, valuable data and how to keep your guard up while letting your hair down.

Hotel wi-fi: protect your connection

• 

  'I go on solo Dubai holidays without my kids so I can party – and you should too'

Every public internet connection has an increased risk of being used by cybercriminals, and that includes hotel wi-fi.

It can be used to take travellers’ passwords and personal information in two ways. One is to connect to the hotel’s wi-fi and install malicious malware.

The second is to create a so-called ‘evil twin’ – a fake, unprotected wi-fi hotspot with an innocuous name such as Guest Wi-Fi or Free Hotel Wi-Fi – and steal private information via that.

Warmenhoven said: “First, ask the person at the reception desk to give the exact name and password for the provided wi-fi to avoid connecting to an ‘evil twin’ network. Second, use a VPN service to encrypt your data and prevent third parties from intercepting it. Finally, it is always a good idea to enable a firewall while using public wi-fi.”

Smart TV: Turn off TV cyberstalking

Most hotel room smart TVs have a connection to local wi-fi to allow guests to access apps and streaming platforms. However, this can make them a portal for cybercriminals using the built-in microphones or cameras, or stealing the personal credentials used to log in to apps.

If you can, keep the TV unplugged from power when it’s not being used. Covering the webcam and avoiding logging in with personal credentials also reduces risks.

SB charger: use a socket

More hotels are installing convenient USB charging ports in rooms and they are a tempting way to charge a device, especially if the visitor is from a location with a different kind of plug.

However, hackers can modify public places’ charging cables to install malware on phones to perform an attack called ‘juice jacking’. This allows fraudsters to steal users’ passwords, credit card information, address, name and other data.

Warmenhoven said: “Safe device charging on your way to your vacation spot might be challenging because you must carry a power bank or USB data blocker, but hotel rooms always have a socket. Usually, it’s the safest way to charge your devices.’’

Automatic connection: disable it and enable security apps

Keep this function on your devices disabled to help mitigate cyber-security risks, as you may be surrounded by public and insecure internet connections.

Some travellers leave their smartphone in their hotel room and forget that even if they leave a device disconnected from wi-fi, it can automatically turn on, for example, if hotel staff move it while cleaning a room.

Disabling automatic connection is one solution to protect your device. The second is to enable auto-connection to security apps, such as firewalls or VPNs. This way, even if the device connects to wi-fi, it remains protected from hackers.

Phishing attacks: be attentive

Unfortunately, it can be very challenging to have 100% security against professional hackers who often aim for high-value targets.

The cyber-attack group DarkHotel is known to use wi-fi at luxury hotels with sophisticated combined techniques such as spear phishing, malware and botnet automation designed to capture confidential data.

They seek key targets – business executives, politicians, senior military and pharmaceutical company representatives – and phishing emails are tailored to each victim and are highly convincing.

Warmenhoven said: “Effective protection from sophisticated cyber-attacks is possible by using trusted VPN and internet security apps as well as regularly updating software. Nevertheless, travellers should always be aware of phishing attacks: verify the authenticity of suspicious emails and executable files and pay attention to odd spelling. These habits remain valuable during vacation as well as when you return to the office.”

• Find out more on nordvpn.com.

Source: Read Full Article