Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home?

Furthermore, showing people what valuables and electronic devices you are carrying may put those items at risk. You may even expose yourself to an increased risk of being kidnapped in exchange for a ransom from your employer. Finally, social media posts can also be used to facilitate identity theft and execute social engineering attacks against businesses.

Five Social Media Safety Tips for Travelers

It is imperative for chief information security officers (CISOs) to communicate to their staffs and organizations the potential for improper social media use to compromise corporate plans, personnel and assets. Below are five tips to help social media users stay safe while traveling.

1. Do Not Share Flight Information

Do not post flight information online — ever. If you must share it, at least wait until after you have returned home from the trip. Sharing your travel information puts your home and office at increased risk of theft. And if crooks steal personal computing devices you use for work, your company’s IT systems could be exposed as well.

Cybercriminals use personal data such as flight information to craft more effective spear phishing scams as well as other social engineering campaigns against you and your colleagues. They can also use this data to fake a kidnapping and demand ransom payments from friends and relatives. That might sound a little far-fetched, but this type of virtual kidnapping has reached epidemic levels in certain areas.

2. Keep Your Plans to Yourself

If you want to ask friends for advice about sights to see at a location that you plan to visit, ask them, but do not note that you already have plans to travel to that location. You may seek recommendations about what to see in New York for a trip sometime in the spring of 2018, for example, but do not post specific dates on which you plan to travel. This information could also expose you or even your work colleagues to phishing scams.

3. Make Meet Ups Private

Ask people directly about meeting up by messaging them. Do not make public social media posts. Remember, Facebook posts that are viewable to friends of friends may be visible to people who should not see them.

4. Wait to Post Vacation Pics

Do not post information about your trip until you are home — that goes for text, photos and video. Of course, the urge to share these items is strong, but does the world really need to know that your house is empty and available to be burglarized? Similarly, do not “check in” to locations far from home.

5. Secure Your Accounts

Make sure your social media accounts are secure before you go on vacation. You may be using suboptimal internet connections while away from home, so take whatever steps you can before you travel to protect your accounts. If you do use insecure Wi-Fi while on vacation, make sure to take proper precautions.

Think Before You Post

The bottom line is that you should always think about what you put on social media before you post it. Furthermore, understand the network from which you are posting. Could the information you are sharing help cybercriminals target you or your work colleagues? Are you using a network that is sufficiently secure?

With these social media best practices, you can help protect yourself, your loved ones and your company while traveling, while contributing to a more secure online community for all.

More from Risk Management

Security Awareness Training 101: Which Employees Need It?

4 min read - To understand why you need cybersecurity awareness training, you must first understand employees' outsized roles in security breaches. “People remain — by far — the weakest link in an organization’s cybersecurity defenses,” noted Verizon on the release of their 2022 Data Breach Investigations Report (DBIR). They elaborate that 25% of all breaches covered in the report were the result of social engineering attacks, and when you add human errors and misuse of privilege, the human element accounts for 82% of…

4 min read

Secure-by-Design: Which Comes First, Code or Security?

4 min read - For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price when threat actors strike. 48% of developers admitted they were still shipping code with vulnerabilities in 2022. It’s clearly time for a change. Many believe…

4 min read

Will Commercial Spyware Survive Biden’s Executive Order?

4 min read - On March 27, 2023, reports surfaced that 50 U.S. government employees had been targeted by phone spyware overseas. On the day of that report, President Joe Biden signed an executive order to restrict federal agencies’ use of commercial spyware. The timing of the order was linked to this specific phone-targeting exploit. But spyware infiltration of government officials — and by government officials — has been a recurring problem globally. Commercial spyware has long been entwined with statecraft and spycraft, both…

4 min read

How to Boost Cybersecurity Through Better Communication

4 min read - Security would be easy without users. That statement is as absurd as it is true. It’s also true that business wouldn’t be possible without users. It’s time to look at the big picture when it comes to cybersecurity. In addition to dealing with every new risk, vulnerability and attack vector that comes along, cybersecurity pros need to understand their own fellow employees - how they think, how they learn and what they really want. The human element — the individual and…

4 min read