August 28, 2015 By Christopher Burgess 3 min read

You’re traveling, on the road again for the company. You’ve listened to the travel security briefs and — unless you are on a trek to the Arctic with all your supplies in hand — you will be engaging in commerce for goods and services. Theses interactions require cash, credit or barter to complete. It is at this time during travel that individuals are most vulnerable, being far from their personal and professional support system.

Many have had an instance where they go to make a purchase and the individual processing the transaction takes a gulp and says, “There seems to be a problem with your card.” We all try to avoid such an event, but often, circumstances outside our control trigger a fraud alert. Losing one’s credit card can also create a minor crisis. And while bank transfers within our own ecosystem are easily understood, the process gets complex quickly when a foreign entity is brought into play. The seriousness and stress of these issues makes learning about the best travel security practices essential.

Traveling With Credit Cards

Your employer may have a travel security program that provides workers access to an employer-provided credit card. These are issued through financial institutions and normally allow the company to directly access the credit card accrued expenses and pay those charges based on a confirmation of validity as both appropriate and true in accordance with the employee handbook on travel expenses.

Ordinarily, these credit cards are viewed as company cards, but their misuse can and will have a deleterious effect on one’s personal credit rating. Whether you are using your personal or business credit card, you must exercise due caution when at ATMs or during vendor transactions. At the former, watch for card skimmers, which are devices that skim the electronic data and allow criminals to duplicate the card and run up charges.

Managing Wire Transfers

But individual travel expense vulnerability isn’t the only worrisome area for companies. While you’re in travel mode, the enterprise is communicating with you differently than if you were sitting in the office and available for a face-to-face chat. This extends to approving wire transfer requests. There may be transactions requiring your approval or financial items you will generate when abroad. It is paramount that travel security discussions within your company include each and every person involved in the fiscal aspects of the company so they can be trained on the processes that result in payment or transfer of funds.

Take technology startup Ubiquiti, which found itself on the losing end of a sophisticated social engineering attack that resulted in $46 million being siphoned out of its treasury, $8 million of which was eventually recovered. The methodology used was a variant on CEO fraud, or business email compromise.

In 2014, the FBI investigated $226 million in losses from U.S. companies that fell victim to the email scam. Compromise of a company’s email system allows the criminals to spoof directions as if the demands are coming from those officials with authority to make the fiscal decisions. The FBI report stated that “email accounts of the chief executive officers or chief financial officers of a targeted business were hacked or spoofed, and wire payments were requested to be sent to fraudulent locations.”

Travel Security Tips

Any employee can follow a few general travel security tips to help stay safe when abroad and avoid falling victim to common schemes. Before departing, you should complete several key tasks, including:

  1. Register your itinerary with your company. Include a copy of your passport data page with your records.
  2. Register with your country’s embassy or consulate in the given locale. For U.S. citizens, it is the U.S. Department of State, which offers the Smart Traveler Enrollment Program (STEP) to make this process easier.
  3. Contact your credit and debit card-issuing institution and inform their fraud department that you will be traveling to a given locale. Provide the dates and specific locations. This allows the fraud department to monitor for unusual activity and activity outside the window of your travel.
  4. Make copies of all your travel documents and credit cards to leave with a trusted individual. Should you need to replace any or all of these resources, the copies will be instrumental in accomplishing the task.
  5. Review the precise circumstances in which wire transfers and the like can take place with your enterprise’s finance personnel. Check what authentication protocols are in place to avoid spoofing.
  6. Review and train on the remote use of company email systems to avoid compromise. This may include adopting the use of a virtual private network (VPN) or restricting yourself to secure email.

More from Fraud Protection

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Remote access detection in 2023: Unmasking invisible fraud

3 min read - In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges in detecting this invisible threat. Let’s examine the modus operandi of fraudsters, prevalence rates across different regions, classic detection methods and Trusteer’s innovative approach to RAT detection through behavioral analysis. A rising threat As Fraud detection methods become more and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today