June 7, 2017 By Joseph Steinberg 3 min read

Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home?

Furthermore, showing people what valuables and electronic devices you are carrying may put those items at risk. You may even expose yourself to an increased risk of being kidnapped in exchange for a ransom from your employer. Finally, social media posts can also be used to facilitate identity theft and execute social engineering attacks against businesses.

Five Social Media Safety Tips for Travelers

It is imperative for chief information security officers (CISOs) to communicate to their staffs and organizations the potential for improper social media use to compromise corporate plans, personnel and assets. Below are five tips to help social media users stay safe while traveling.

1. Do Not Share Flight Information

Do not post flight information online — ever. If you must share it, at least wait until after you have returned home from the trip. Sharing your travel information puts your home and office at increased risk of theft. And if crooks steal personal computing devices you use for work, your company’s IT systems could be exposed as well.

Cybercriminals use personal data such as flight information to craft more effective spear phishing scams as well as other social engineering campaigns against you and your colleagues. They can also use this data to fake a kidnapping and demand ransom payments from friends and relatives. That might sound a little far-fetched, but this type of virtual kidnapping has reached epidemic levels in certain areas.

2. Keep Your Plans to Yourself

If you want to ask friends for advice about sights to see at a location that you plan to visit, ask them, but do not note that you already have plans to travel to that location. You may seek recommendations about what to see in New York for a trip sometime in the spring of 2018, for example, but do not post specific dates on which you plan to travel. This information could also expose you or even your work colleagues to phishing scams.

3. Make Meet Ups Private

Ask people directly about meeting up by messaging them. Do not make public social media posts. Remember, Facebook posts that are viewable to friends of friends may be visible to people who should not see them.

4. Wait to Post Vacation Pics

Do not post information about your trip until you are home — that goes for text, photos and video. Of course, the urge to share these items is strong, but does the world really need to know that your house is empty and available to be burglarized? Similarly, do not “check in” to locations far from home.

5. Secure Your Accounts

Make sure your social media accounts are secure before you go on vacation. You may be using suboptimal internet connections while away from home, so take whatever steps you can before you travel to protect your accounts. If you do use insecure Wi-Fi while on vacation, make sure to take proper precautions.

Think Before You Post

The bottom line is that you should always think about what you put on social media before you post it. Furthermore, understand the network from which you are posting. Could the information you are sharing help cybercriminals target you or your work colleagues? Are you using a network that is sufficiently secure?

With these social media best practices, you can help protect yourself, your loved ones and your company while traveling, while contributing to a more secure online community for all.

More from Risk Management

Operationalize cyber risk quantification for smart security

4 min read - Organizations constantly face new tactics from cyber criminals who aim to compromise their most valuable assets. Yet despite evolving techniques, many security leaders still rely on subjective terms, such as low, medium and high, to communicate and manage cyber risk. These vague terms do not convey the necessary detail or insight to produce actionable outcomes that accurately identify, measure, manage and communicate cyber risks. As a result, executives and board members remain uninformed and ill-prepared to manage organizational risk effectively.…

The evolution of ransomware: Lessons for the future

5 min read - Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider threats. While the future of ransomware is full of unknown threats, we can look to the past and recent trends to predict the future. 2005 to 2020: A rapidly changing landscape While the first ransomware incident was observed in 1989,…

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today