June 7, 2017 By Joseph Steinberg 3 min read

Oversharing your travel plans can put you, your colleagues, your corporate data systems, your property and even your loved ones at risk. Similarly, announcing to the world that your home is vacant obviously increases the odds of a break-in, so what happens to your corporate laptop or personal devices containing corporate data that you leave at home?

Furthermore, showing people what valuables and electronic devices you are carrying may put those items at risk. You may even expose yourself to an increased risk of being kidnapped in exchange for a ransom from your employer. Finally, social media posts can also be used to facilitate identity theft and execute social engineering attacks against businesses.

Five Social Media Safety Tips for Travelers

It is imperative for chief information security officers (CISOs) to communicate to their staffs and organizations the potential for improper social media use to compromise corporate plans, personnel and assets. Below are five tips to help social media users stay safe while traveling.

1. Do Not Share Flight Information

Do not post flight information online — ever. If you must share it, at least wait until after you have returned home from the trip. Sharing your travel information puts your home and office at increased risk of theft. And if crooks steal personal computing devices you use for work, your company’s IT systems could be exposed as well.

Cybercriminals use personal data such as flight information to craft more effective spear phishing scams as well as other social engineering campaigns against you and your colleagues. They can also use this data to fake a kidnapping and demand ransom payments from friends and relatives. That might sound a little far-fetched, but this type of virtual kidnapping has reached epidemic levels in certain areas.

2. Keep Your Plans to Yourself

If you want to ask friends for advice about sights to see at a location that you plan to visit, ask them, but do not note that you already have plans to travel to that location. You may seek recommendations about what to see in New York for a trip sometime in the spring of 2018, for example, but do not post specific dates on which you plan to travel. This information could also expose you or even your work colleagues to phishing scams.

3. Make Meet Ups Private

Ask people directly about meeting up by messaging them. Do not make public social media posts. Remember, Facebook posts that are viewable to friends of friends may be visible to people who should not see them.

4. Wait to Post Vacation Pics

Do not post information about your trip until you are home — that goes for text, photos and video. Of course, the urge to share these items is strong, but does the world really need to know that your house is empty and available to be burglarized? Similarly, do not “check in” to locations far from home.

5. Secure Your Accounts

Make sure your social media accounts are secure before you go on vacation. You may be using suboptimal internet connections while away from home, so take whatever steps you can before you travel to protect your accounts. If you do use insecure Wi-Fi while on vacation, make sure to take proper precautions.

Think Before You Post

The bottom line is that you should always think about what you put on social media before you post it. Furthermore, understand the network from which you are posting. Could the information you are sharing help cybercriminals target you or your work colleagues? Are you using a network that is sufficiently secure?

With these social media best practices, you can help protect yourself, your loved ones and your company while traveling, while contributing to a more secure online community for all.

More from Risk Management

Working in the security clearance world: How security clearances impact jobs

2 min read - We recently published an article about the importance of security clearances for roles across various sectors, particularly those associated with national security and defense.But obtaining a clearance is only part of the journey. Maintaining and potentially expanding your clearance over time requires continued diligence and adherence to stringent guidelines.This brief explainer discusses the duration of security clearances, the recurring processes involved in maintaining them and possibilities for expansion, as well as the economic benefits of these credentialed positions.Duration of security…

Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709

4 min read - On February 19, ConnectWise reported two vulnerabilities in its ScreenConnect product, CVE-2024-1708 and 1709. The first is an authentication bypass vulnerability, and the second is a path traversal vulnerability. Both made it possible for attackers to bypass authentication processes and execute remote code.While ConnectWise initially reported that the vulnerabilities had proof-of-concept but hadn’t been spotted in the wild, reports from customers quickly made it clear that hackers were actively exploring both flaws. As a result, the company created patches for…

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today