When travelling, you may be more vulnerable to a cyber attack. Your electronic devices contain personal data and using public networks can be a risk. Cybercriminals will target anyone to steal information or money.
Whether you’re going interstate or overseas, make sure to secure your devices. Especially if you have access to sensitive data on them, such as identity documents or work files.
Follow the basics tips in this guide or learn more about travelling with mobile devices.
Before you travel
Travelling can be a stressful experience. Secure your data, accounts and devices before you leave to help reduce the chance of a compromise.
Create a backup of your data that you can keep secure at home. Also, leave behind any information or devices you don’t need. This limits how much data is at risk if someone steals or compromises your devices.
Learn more about backups.
Turn on multi-factor authentication (MFA) for your accounts. MFA is when you need 2 or more steps to verify your identity before you can log in. For example, using your login details as well as an authentication code. Learn more about MFA.
Avoid using SMS as an MFA method as it is less secure. Also be aware you need to enable international roaming to get SMS overseas.
Where MFA isn’t an option or you need to disable it before travel, use a strong password such as a passphrase. A passphrase is a string of random words like 'crystal clay onion pretzel'. It should be long, unpredictable, unique and should not include personal details.
Secure your devices with a PIN or passphrase. Make it hard to guess and don’t include personal details such as your date of birth. Make sure your devices are set to lock automatically after a short time (less than 5 minutes).
For more security use biometrics if your device supports it, such as your fingerprint. But check the laws of where you are travelling. Some countries may force you to unlock your device if you use biometrics. To avoid this, you can disable biometrics and use a PIN or passphrase instead. To get travel advice for your destination, visit Smartraveller.
For more protection against unwanted access, encrypt your devices. It means if a device was compromised your data stays secure. If you do encrypt your devices, make sure to back up your recovery keys. If you lose the keys, you won’t be able to use your device until you factory reset it or reinstall the operating system.
Learn more about how to secure your device.
Update any devices you are travelling with so they have the latest security. Check automatic updates are on and install updates as soon as possible. The longer you leave it, the more vulnerable you could be to a cyber attack.
Learn more about updates.
Confirm you have installed antivirus software and that it is working. Your devices may already have it installed by default.
If you decide to use third-party antivirus software, make sure to research and choose a reputable provider.
Learn more about antivirus software.
Consider using a device that is only for travel, such as a burner phone (a cheap phone you can dispose of). This should not have any personal data on it, including accounts or password managers. If someone gains unauthorised access to your device, there is less sensitive data at risk.
While you travel
Remember to stay vigilant with your security while on your trip with the following tips. This is the period you will be most vulnerable to cyber threats.
Lock your devices whenever you leave them unattended. Even if it is only for a short period. Make sure your devices are set to automatically lock after a short time (less than 5 minutes).
Try not to leave your devices in your room when you go out, even if there is a hotel safe. When in transit, always keep your devices on you or in sight.
Avoid using public devices such as computers in a hotel business centre. These devices could have malware installed and using them can put your accounts at risk.
If you must use a public device, try not to log into your accounts or input personal information. If you do log in, don't save your login details and remember to log out when done.
Never use someone else’s peripherals such as chargers, cables and other removable devices. Public charging stations and ports could also put your data at risk. Buy peripherals from reputable stores if you need them.
Avoid using portable storage devices such as USB drives. These are easy to lose, steal or infect with malware. Use more secure methods of file transfer and storage such as cloud services.
Avoid accessing sensitive information in public spaces such as airports and hotel lounges. You could expose information to anyone passing by. Wait until you are in a more private location or consider using a privacy screen protector.
Make sure to back up your data often while travelling. If something happens to your device, you can restore important data such as photos and files. Create backups using a secure cloud service or an external storage device. You can turn on automatic backups to reduce the risk.
Learn more about backups.
Be careful of sharing your location and personal information on social media. This includes details such as your flight number, hotel check-in or photo metadata. Someone could use this information to target you.
Find out how to secure your social media.
Public networks are convenient but can also be unsecure. Cybercriminals will target public networks to gain access to your sensitive information. If you are working in public spaces such as an airport or café, avoid using their Wi-Fi or use a VPN. Before using a VPN, check local laws to make sure it is legal in your current location.
Only use trusted networks such as your mobile data and personal hotspot. Where this isn’t an option, think twice about what you share or access on a public network.
Consider turning off Wi-Fi, Bluetooth and near-field communication (NFC) on your devices when not in use. Cybercriminals could use these to hack your device or make unauthorised transactions.
Learn more about public Wi-Fi and hotspots.
Case study: Identity theft from using public Wi-Fi
A NSW man owed over $7000 in fees to a company for gift cards and subscriptions he didn’t buy. The recipients for these purchases went to unknown email addresses.
After investigating, he found several inquiries on his credit report. These happened around the same time as the sale of the gift cards and subscriptions. The first inquiry happened not long after he had used his laptop on a trip.
When connected to the public airport Wi-Fi, he had sent his ID documents to his parents. These included his passport and birth certificate. Using the airport Wi-Fi may have let cybercriminals access his IDs and steal his identity.
While travelling you should be alert for signs of compromise, such as:
- devices or apps keep crashing
- suspicious adverts or pop-ups
- unexpected activity on your accounts
- unknown emails in your sent folder
- excessive battery or data usage when using your device
- devices are hot to the touch when idle.
If you believe you may have been compromised, follow our advice on how to report and recover.
After you travel
When you have returned home, you should still be alert to the possibility of a compromise. To further secure your devices, consider:
- changing the PINs and passwords for your devices and accounts
- disposing of your burner phone if you used one, including any SIM cards, eSIMs or microSD cards
- wiping any removable storage used when travelling, such as USB drives or SD cards.
Recover from a suspected incident
It is important to act as soon as you believe someone has access to your accounts or devices. Log out of the compromised device and don’t use it to change your passwords.
Find out if you have been hacked and report the incident below. If you need more help, you can call our cyber security hotline on 1300 CYBER1 (1300 292 371).
More information
How to secure your devices
Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.
Secure your mobile phone
The security of your mobile phone can be as crucial as your computer. Follow these steps to protect your phone or tablet from cybercriminals.
Security tips for remote working
As an employee, you may be more at risk when working away from the office. Learn how to stay secure while working from home or remotely.
Cyber security when travelling overseas
Visit Smartraveller for more tips on how to protect your devices and data when travelling.