The advent of the Holy Week in the Philippines herald the start of the travel season, especially since most schools have not yet adapted to the September school opening. For countless among us, our smartphones and laptops are a must-bring to make our travel productive and memorable. Be it taking selfies or walk-about vlogs, video-conferencing via Skype, endless chatting via WhatsApp, wall posting on the ubiquitous Facebook, finding our way via Google Maps or simply getting in touch via international SMS or free voice call minutes (“where-na-you, here-na-me” mode), our devices are our connection to the world, or so it seems.
However, traveling with our data can unnecessarily expose us to risks these days, from identity theft to swiping of otherwise confidential information that could expose our more vulnerable self. There are also border agents who may, in the course of performing their jobs, inadvertently force you into a compromising situation.
Best to plan ahead.
Invest in a good RFID-blocking wallet or purse. Credit cards, bank cards and government-issued machine-readable IDs and passports are good catch for identity thieves. They don’t even need to touch or pick your wallet; a quick scan using a handheld radio-frequency skimming device over your pocket or handbag is enough to lift all that digitized information.
Use a trusted VPN. Untrusted open wi-fi hotspots are haven for prying eyes. You don’t get to see who else are connected to those networks, but the bad guys see everything. A VPN (ideally a paid subscription) will not prevent them from seeing your data traffic, but the encryption offered by these VPN protocols ensure that encrypted data traveling through the open network are pretty much worthless pieces of garbled junk in the hands of crooks.
Move sensitive data to the cloud. Keep secure data off the device and into the cloud. The data will still be accessible to you on-demand at your convenience upon arriving at your destination, but at least it’s one item off the worry list should your device get lost or stolen.
Temporarily remove password managers from mobile devices. Border agents may be legally allowed to compel you to unlock your device or enter passwords for applications or sites. If there are no password managers installed, there is no way to unlock it. You can reinstall the password manager later when you need it.
Avoid using public USB charging stations at train stations or sea/airports. This is a new hacking method. Instead, use a good old-fashioned electrical outlet that doesn’t allow data to be transmitted. If you don’t have an AC adaptor, charge your power bank via USB instead, then use your power bank to charge your device.
Don’t be uncooperative towards or proactively hide data from border agents. Old tricks like hidden volumes are pretty much unreliable and may get you into worse trouble if they are discovered especially if they happen to contain pirated files, songs, movies or unlicensed copyrighted materials.
Install an anti-malware software. Your data may end up not being stolen but a good number of malwares seek to destroy your data stored on the device, if only to annoy you.
Use a device or software firewall. Firewalls keep closed some ports that are commonly used by hackers or malicious software. They may not keep you cloaked totally, but at least it doesn’t make it easy to break into your device and buys you time until you disconnect or go onwards on your trip.
Ignore suspicious emails or spams with attachments. Curiosity kills the cat. Don’t open any email or attachments from an unknown sender.
Use Incognito mode on your browser when accessing sensitive websites (office webmails, online banking, or cyber payments). Private browsing doesn’t allow cookies or site data to persist when you end your session. Likewise, incognito mode won’t remember files you download or take advantage of historical data. Ensure the sensitive sites you visit are prefixed with https://. Additionally, make it a habit to store the true, verified URL address into your bookmarks to prevent mis-types; also, avoid using links in search results. (Example: Assuming bpionline.com is the real address, you may inadvertently type bpionline.net or bpionlien.com which can lead you to spoofed versions of the real website).