Most of us travel for longer holidays or business trips, at least a few times a year. It is likely that during such a trip or a small break between travelling, many will decide to grab a moment and write one last email or finish some task.
For this reason, in this article, we will focus on the dangers that can lurk on us in public spaces, precisely when we travel, either on trains or while in a cafe.
You’ve certainly used public Wi-Fi at least once in your life.
Perhaps you had to check the train schedule, or maybe you wanted to scroll through your favourite social media.
However, has it occurred to you, to consider what are the consequences of using an open Wi-Fi network (by open Wi-Fi, I mean one that doesn’t need any password to connect and one to which the password is available to everyone).
The problem is that we don’t really know, at first, who is connected to such a network, and second, we don’t know if the PKP_Free_Wifi network is a network set up by PKP.
Using such a network can be compared to letting a cybercriminal into our home network, yet we wouldn’t want a stranger to be able to overhear what we do online. Of course, we can’t immediately say that every public network is created by, e.g. a hacker, however, I personally think that this approach is better than connecting to open networks. Having said that, to give a better idea of the potential dangers of using public Wi-Fi networks, I’ve outlined two major attacks below:
This attack commonly consists of cybercriminals creating their hotspot or using the Evil Twin attack. Cybercriminals will create fake Wi-Fi networks that look like the real ones (such as a hotel network) but are controlled entirely by an attacker.
The whole thing can also be done on real Wi-Fi networks.
Once connected to such a network, the offender is able to intercept and modify communications between the person using the network and, for example, the site to which you are connecting.
MITM requires placing an attacker or specific malicious tools between the victim and a targeted resource, such as the victim’s website or email program.
At first it is worth explaining that Captive portal is a page which appears to newly connected Wi-Fi users. On this page, sometimes you need to log in, and sometimes you just have to accept the terms and conditions.
If you “copy” a real Wi-Fi network with a captive portal where you have to be logged in, there is a possibility for Phishing, which I have written about in previous articles in the CyberLabs series.
Another way for an attacker to exploit a captive portal is to create one with malicious code that will try to take over our browser, giving new capabilities to an attacker.
A captive portal is a website that is often displayed before accessing the Internet on public networks at airports, hotels or libraries.
As we can see, the two presented attacks can cause us a lot of problems, so it’s advisable to keep them in mind the next time we want to use a public Wi-Fi network.
However, these are not the only threats we are exposed to while traveling…
Maximize your email deliverability and security with EmailLabs!
It may seem that the cord you just borrowed to charge your phone is nothing more than an ordinary one, and the flash drive you found on the sidewalk may contain data about the person who lost it, so some of you will probably plug it into your computer to see what is on it (if only out of human curiosity).
If we do this, and the whole situation is not a coincidence, we can expect computer infection or data exfiltration. Such devices these days can be bought by anyone for little money, so the chances of an attack are much higher. However, the devices that can be potentially dangerous are worth knowing:
This group can include such devices as MalDuino, Rubber Ducky and Bash Bunny. Those are devices that look like ordinary flash drives, but when plugged into a computer, they perform pre-set actions such as downloading and running malware.
Some such tools can also be remotely controlled and send various commands in real-time to a device. More importantly, they are not recognized as storage devices but as keyboards, which means that USB port blocking (which usually involves detecting devices that are storage) will not work in this case.
Once connected to an attacked computer, BadUSB can discreetly execute malicious commands or inject malicious payloads.
These are cables with the help of which we can, of course, charge, for example, a phone or transfer some data. However, inside is an implant by which the cable performs certain actions as described in the previous example.
Some of today’s laptops do not have an input for an Ethernet cable. Network adapters come to our aid. However, there are adapters that, when connected, will give remote access to a device of an attacker. It is rather unnecessary to explain here the consequences that can follow this incident.
Cybersecurity threats, however, are not the only dangers that can lurk on us. Travelling, particularly during the upcoming holidays, is also a time when we experience increased luggage thefts, bags, etc.
Obviously, it may happen that we will simply forget to take, for example, a backpack from a restaurant. When we will return to the restaurant, we may already find out that our property has disappeared. If phones or laptops are stolen, this can lead to serious data leaks. Thus, it’s worthwhile to secure ourselves in advance properly.
Clearly, I mean securing our devices so that third parties do not have access to our data when stolen.
So it’s worthwhile to protect ourselves against this in advance at every step properly. Of course, I’m thinking here of securing our devices so that after theft third parties do not have access to our data, with help here comes software that we can install on a computer or smartphone.
This is probably one of the basic security features we should use in all devices or external storage. Thanks to encryption, our data will be secured appropriately. For encryption, we can use either the BitLocker software available for Microsoft systems or the VeraCrypt software.
Security vulnerabilities allow hackers to gain access to the drive and copy data without the need for a password.
If someone gains access to our computer, make sure that passwords are not kept in a notepad. Hence, we should use password managers, which are safe for our passwords and additionally support 2FA so that they are even more protected. While using a password manager, avoid saving passwords in the browser.
Two-factor authentication is one of the best ways to protect against phishing, social engineering and authentication theft.
During travels, especially the longer ones, we have a lot of time, which somehow we want to spend. In such situations, we usually reach for our phones, tablets or laptops, either for work or simply “Internet browsing”.
We usually don’t want anyone to look into our devices and see what we are doing. However, I’m sure, more than once, you’ve noticed people who simply showed everyone around them what they’re actually doing on their devices.
In the previous article of CyberLabs series, I brought up the topic of social engineering and how a professional social engineer can manipulate us.
My advice is to sit in public places, if possible, in a way that prevents someone from standing behind you. In such situations, the filter will not work. Nonetheless, it is worth having the mentioned filter on your screen.
Maximize your email deliverability and security with EmailLabs!
In a previous article in the CyberLabs series, I zoomed in on the topic of social engineering and how a professional social engineer can manipulate us (Social engineering or hacking people’s minds).
In terms of travel, techniques of social engineering attacks can focus mainly on trying to convince us to lend a laptop or a phone under some excuse. If we agree to this, and on top of that, we won’t look at our devices, we can either end up losing the equipment through a physical theft, or in a short period of time, our device can be infected as well, or specific data can be exfiltrated (such as a password file).
Nowadays, when we pay for practically everything either by card or by online payments, we are exposed to the risks of skimmers. The skimmers can be divided into two types:
These are overlays on various elements of ATMs, payment terminals that are designed to read data from cards. Often they are glued very quickly so they can be “ripped off” without much difficulty. Therefore, it’s worth to take a look before withdrawing money from an ATM, if any elements look suspicious (e.g. card entry coming off).
Usually such skimmers are used in fake online stores, but they can also appear on real websites that have been taken over by cybercriminals. This is usually a malicious JavaScript code that takes the card data we provide and sends it to a server controlled by the offender.
If possible, do not use public Wi-Fi networks, instead, you can create your own hotspot (plus remember to hide its name – SSID).
When travelling, it’s a good idea to bring your own adapters, charging cables, etc. However, if we need to someone else e.g. cables, in such case borrow them from trusted people.
Flash drives of various kinds can be purposely distributed. Here the attacker is counting on our curiosity which will lead to connecting such a device to your computer. Under no circumstances should we do this if we do not know the source of the device.
Don’t leave your luggage unattended. Ladies who use handbags should remember to put their bags on their shoulders and keep them close. If we carry backpacks, make sure to wear them on both shoulders. Such behaviour will definitely make it more difficult, e.g., for our belongings to be snatched.
Let’s remember to encrypt our data! Once the devices with our data are stolen, a third party will not be able to access the information stored there easily.
Use the privacy filter on our laptops. Such filters are mainly useful when working in public places where a lot of people can look at our computers.
Before withdrawing money from ATMs, verify whether the device looks suspicious. You can also try pulling, for example, the part where you insert your card.
With online skimmers, it’s worth paying attention to whether you actually shop on trusted sites; if you own such sites, it’s worth conducting regular penetration tests aimed at finding as many bugs as possible that could be exploited by a cybercriminal precisely to embed an online skimmer.
Stay Secure! 👾
Security Manager
He was supposed to be an architect in the past, but life has made him an ethical hacker. He likes to know how something is built so that it is easier for him to break it later. Daily, he performs penetration testing at Vercom so that all applications are secure and users don't have to worry about their data security. After work, he spends most of his free time developing and acquiring new skills to find vulnerabilities even more efficiently.
See more articles
Gmail has announced significant changes in the requirements for email senders to maintain a good reputation and proper classification of messages in user inboxes starting from February 1, 2024....
Vercom S.A. public joint-stock company to which the EmailLabs project belongs, has been assessed and certified to be compliant with the ISO/IEC 27001 and ISO/IEC 27018 standards. The Vercoms’...
The increasing number of phishing attacks each year, and the projection that this trend will continue to escalate, aren’t likely to astonish anyone. This can be attributed, in part,...
Out of all the things that can go wrong when sending out marketing emails, having your emails end up in the recipient’s spam folder is arguably the most dreaded...
Email Authentication, Security
DMARC is an email authentication protocol that is designed to give domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. Spoofing occurs...
With the emergence of the Covid-19 pandemic, many brands have been challenged to adapt in a short period to the changed reality and new consumer attitudes. That meant reorganizing...
Best practices, Email Marketing
B2B email marketing – it’s a term you’ve likely heard before, but what does it really entail? And, more importantly, how can it be done effectively? In this article,...
Deliverability, Sending Reputation
Email sender reputation is one of the most important factors that can determine whether your emails reach the intended recipient or not. So, what is the email sender reputation,...
Email Authentication, Sending Reputation
In the realm of email, sender authorization is a powerful tool wielded by local and global providers like Gmail, Yahoo, and AOL to combat spam. Additionally, as an authenticated...
Best practices, Email Marketing
B2B email marketing – it’s a term you’ve likely heard before, but what does it really entail? And, more importantly, how can it be done effectively? In this article,...
Deliverability, Sending Reputation
Email sender reputation is one of the most important factors that can determine whether your emails reach the intended recipient or not. So, what is the email sender reputation,...
Email Authentication, Sending Reputation
In the realm of email, sender authorization is a powerful tool wielded by local and global providers like Gmail, Yahoo, and AOL to combat spam. Additionally, as an authenticated...
As an integral part of your email infrastructure, SMTP and SMTP port numbers are not just for tech whizzes – they’re important for anyone using email. You’ve likely heard...
Ever wondered why you can’t attach a movie to an email? Or why won’t that PowerPoint presentation just send? It all comes down to the maximum size of email...
One of the most dire situations a business can face is unauthorized access to its company network. This breach can lead to the theft of valuable intellectual property and...
The Simple Mail Transfer Protocol (SMTP) holds significant importance in the realm of email communication. As a vital component of mail servers, SMTP takes charge of sending, receiving, and...
The significance of email protection and data security is growing exponentially in today’s digital world, with StartTLS emerging as a key player in this arena. As an encryption protocol...
Best practices, Sending Reputation
Are your email campaigns not getting the results you were hoping for? Low open rates and high bounce rates can be frustrating, but it may be possible to turn...
