We are just days away from the start of Comic-Con in San Diego, and if you are heading on an away mission into the crowd of fellow fans, you may be wondering how to keep your data and devices safe. Being in the midst of such a large group of people provides a lot of tempting targets for cybercriminals who aim to misbehave, and the opportunity for both direct attacks, like physical theft, and more subtle attacks like malware infection.
With a little planning before you go and a little awareness when you are there, you can decrease the odds of being the victim of cybercrime. Here are some tips to deal with the five main risks you should be aware of:
1. Wi-Fi hotspots
Wi-Fi hotspots are one of the biggest sources of potential problems for people on the road. You never know who is on that network with you, or what they could be trying to do with your data. It is best, when you are out and about, to avoid using public Wi-Fi whenever possible. If you can, access the internet by the cellular network rather than Wi-Fi. If you’re surfing on your laptop, you can tether your cellphone to it or better yet – use your own mobile modem or hotspot.
If you’re not able to avoid using public Wi-Fi, there are still things you can do to improve your protection. Before you leave home, it is a good idea to make sure your software has the latest updates. The last thing you want to do in a crowded exhibit hall is to further slow up your connectivity by trying to pull down several megabytes’ worth of updates. Scammers also use fake update notices to try to fool people into downloading malicious files. If you update before you leave home, you can ignore those update notices until you can get back to a safer connection.
It’s a good idea to double-check the official name of the Wi-Fi hotspot so that you don’t end up using a rogue network by mistake. Never use networks named “Free Wi-Fi”, as the odds are good you’ll get more than you bargained for. Before you leave home, prune your list of “trusted” hot spots, as attackers like to create rogue hotspots using names of common connection points that they can expect travelers to have connected in the past, such as popular airports and hotel chains. And when you get home, don’t forget to “forget” the Wi-Fi networks you join while you’re on the road.
Whether you are using your own private hotspot or a public one, it is a good idea to encrypt as much of your traffic as possible. You can route your Internet through a VPN, and check to make sure you only enter sensitive data into sites that use HTTPS. If you can help it, it is best to avoid entering or accessing your most sensitive data (such as financial information or online banking credentials) while you are in public. Shoulder-surfing in a crowded area is far too easy!
2. Bluetooth and NFC
Because you will likely be depending heavily on devices that run on batteries, it is simply a good idea to turn off services that you are not using. But turning off Bluetooth, NFC (if you have it) and Wi-Fi can also help save your privacy, as these services can be used by miscreants to snarf your data. If you do need to use Bluetooth while you’re on the road, it’s best to keep your device names hidden. If you’re renting a car while you’re traveling, don’t pair your device with your car, unless you’re really keen on sharing your contacts or other data from your phone with the next person using that vehicle. Car rental companies cannot be relied upon to clear your data from the onboard computer as an ESET researcher recently discovered. Here are some of phone entries found for previous renters:
Fig 1.
And here are some of the contact list records that the car sucked in from a Bluetooth phone without asking permission!
Fig 2.
We will have more research on this issue in a future blog post. And on a related note, if you use the rental car company’s GPS system you may want to clear the memory on that before you hand the car back, otherwise the next renter may find out what destinations you were interested in (if it’s the San Diego Convention Center, no big deal; but if it’s an “adult” destination, you may not want to share that information).
3. Public charging stations
It’s becoming more and more common to see public charging stations for smartphones and tablets. Because USB connectors can be used to copy files off of your device or install unwanted programs, it’s best to give these a pass. If you have brought your own cord and AC adapter or a battery pack, you can safely charge your devices from public power outlets.
4. Physical theft
Theft of devices is always an issue in crowded spaces. Be sure to keep your gadgets with you at all times, unless they are locked in a hotel safe. And when you have a device on you, remember to keep it in a bag or pocket that is not easily seen and accessed. Before you leave home, it is a good idea to put anti-theft software on your device to help you find or wipe it if it gets lost or stolen. If you have backed up your data before you leave and frequently throughout the week, wiping your data on a stolen device won’t be such a pain. Put strong passwords on devices so that thieves will have a harder time accessing data. Log out of any accounts you won’t be using while you’re on the road (especially financial accounts), so that if someone does steal your device it will be harder to get access to those services. And now is a very good time to put two-factor authentication on your accounts wherever it’s available.
5. Malware
With plenty of people in close proximity, with who-knows-what cluttering up their machines, everyone is under an increased risk of being affected by self-propagating malware. And likewise, a big crowd is potentially a big payday for malware miscreants looking to attack people directly. Make sure you are using an up-to-date anti-virus and firewall to help protect yourself against the increased threat. It is also a good idea to encrypt any sensitive data on your machine, so that if someone or something malicious gets into your machine, they are less able to get access to it.
The good news is that these tips are equally helpful not just for connecting at Comic-Con but for any other situation when you need to connect to the Internet in public. If you make these actions a habit whenever you are on the road, you will be greatly increasing your overall security and peace of mind. As for super heroes, have you ever thought about which ones would be most helpful in the fight against cybercrime?
Finally, have fun during Comic-Con! Even if you don’t have a badge, there are many other events. You can even visit ESET at the Nerdist Conival at PETCO Park on Friday, July 10. There are games, with serious prizes, and ESET employees will be handing out free trials of Internet security software. Details can be found on ESET’s Comic-Con page.”
Photo: Sam Aronov / Shutterstock.com
