June 7, 2017 By Joseph Steinberg 3 min read

Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home?

Furthermore, showing people what valuables and electronic devices you are carrying may put those items at risk. You may even expose yourself to an increased risk of being kidnapped in exchange for a ransom from your employer. Finally, social media posts can also be used to facilitate identity theft and execute social engineering attacks against businesses.

Five Social Media Safety Tips for Travelers

It is imperative for chief information security officers (CISOs) to communicate to their staffs and organizations the potential for improper social media use to compromise corporate plans, personnel and assets. Below are five tips to help social media users stay safe while traveling.

1. Do Not Share Flight Information

Do not post flight information online — ever. If you must share it, at least wait until after you have returned home from the trip. Sharing your travel information puts your home and office at increased risk of theft. And if crooks steal personal computing devices you use for work, your company’s IT systems could be exposed as well.

Cybercriminals use personal data such as flight information to craft more effective spear phishing scams as well as other social engineering campaigns against you and your colleagues. They can also use this data to fake a kidnapping and demand ransom payments from friends and relatives. That might sound a little far-fetched, but this type of virtual kidnapping has reached epidemic levels in certain areas.

2. Keep Your Plans to Yourself

If you want to ask friends for advice about sights to see at a location that you plan to visit, ask them, but do not note that you already have plans to travel to that location. You may seek recommendations about what to see in New York for a trip sometime in the spring of 2018, for example, but do not post specific dates on which you plan to travel. This information could also expose you or even your work colleagues to phishing scams.

3. Make Meet Ups Private

Ask people directly about meeting up by messaging them. Do not make public social media posts. Remember, Facebook posts that are viewable to friends of friends may be visible to people who should not see them.

4. Wait to Post Vacation Pics

Do not post information about your trip until you are home — that goes for text, photos and video. Of course, the urge to share these items is strong, but does the world really need to know that your house is empty and available to be burglarized? Similarly, do not “check in” to locations far from home.

5. Secure Your Accounts

Make sure your social media accounts are secure before you go on vacation. You may be using suboptimal internet connections while away from home, so take whatever steps you can before you travel to protect your accounts. If you do use insecure Wi-Fi while on vacation, make sure to take proper precautions.

Think Before You Post

The bottom line is that you should always think about what you put on social media before you post it. Furthermore, understand the network from which you are posting. Could the information you are sharing help cybercriminals target you or your work colleagues? Are you using a network that is sufficiently secure?

With these social media best practices, you can help protect yourself, your loved ones and your company while traveling, while contributing to a more secure online community for all.

More from Risk Management

Taking the fight to the enemy: Cyber persistence strategy gains momentum

4 min read - The nature of cyber warfare has evolved rapidly over the last decade, forcing the world’s governments and industries to reimagine their cybersecurity strategies. While deterrence and reactive defenses once dominated the conversation, the emergence of cyber persistence — actively hunting down threats before they materialize — has become the new frontier. This shift, spearheaded by the United States and rapidly adopted by its allies, highlights the realization that defense alone is no longer enough to secure cyberspace.The momentum behind this…

Are attackers already embedded in U.S. critical infrastructure networks?

4 min read - The threat of cyberattacks against critical infrastructure in the United States has evolved beyond data theft and espionage. Intruders are already entrenched in the nation’s most vital systems, waiting to unleash attacks. For instance, CISA has raised alarms about Volt Typhoon, a state-sponsored hacking group that has infiltrated critical infrastructure networks. Their goal? To establish a foothold and prepare for potentially crippling attacks that could disrupt essential services across the nation.Volt Typhoon embodies a threat far beyond everyday cyber crime.…

The current state of ransomware: Weaponizing disclosure rules and more

4 min read - As we near the end of 2024, ransomware remains a dominant and evolving threat against any organization. Cyber criminals are more sophisticated and creative than ever. They integrate new technologies, leverage geopolitical tensions and even use legal regulations to their advantage.What once seemed like a disruptive but relatively straightforward crime has evolved into a multi-layered, global challenge that continues to threaten businesses and governments alike.Let’s take a look at the state of ransomware today. We’ll focus on how cyber criminals…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today