Scammers want to wreck your business, vacation travel

FTC, FBI warn of unwanted travel companions: scammers, fraudsters.

Yes I suppose it is what it is, but sadly you can't travel on business or vacation and let your electronic guard down.

The Federal Trade Commission recently published a few scams it was warning travelers to be on the lookout for including:

The late night front desk call: You think you're getting a late-night call from the front desk telling you there's a problem with your credit card, and they need to verify the number, so you read it to them over the phone. But it's really a scammer on the line. If a hotel really had an issue with your card, they would ask you to come to the front desk.

+More on Network World: FBI warns businesses "Man-in-the-E-Mail" scam escalating+

The pizza delivery deal: In another scam, you find a pizza delivery flyer slipped under your hotel door. You call to order, and they take your credit card number over the phone. But the flyer is a fake, and a scammer now has your info. Before you order, make sure you check out the business, or get recommendations from the front desk.

The fake Wi-Fi network: You search for Wi-Fi networks and find one with the hotel's name. But it turns out it's only a sound-alike and has nothing to do with the hotel. By using it, you could give a scammer access to your information. Check with the hotel to make sure you're using the authorized network before you connect.

No skim zone: Scammers use cameras, keypad overlays, and skimming devices -- like a realistic-looking card reader placed over the factory-installed card reader on an ATM or gas pump -- to capture the information from your card's magnetic strip without your knowledge and get your PIN.

Laptop larceny: If you travel with a laptop, keep a close eye on it -- especially through the shuffle of airport security -- and consider carrying it in something less obvious than a laptop case. A minor distraction in an airport or hotel is all it takes for a laptop to vanish. At the hotel, store your laptop in the safe in your room. If that's not an option, keep your laptop attached to a security cable in your room and consider hanging the "do not disturb" sign on your door.

Hijacked Ads: Some scammers hijack a real rental or real estate listing by changing the email address or other contact information, and placing the modified ad on another site. The altered ad may even use the name of the person who posted the original ad. In other cases, scammers have hijacked the email accounts of property owners on reputable vacation rental websites.

Phantom Rentals: Other rip-off artists make up listings for places that aren't for rent or don't exist, and try to lure you in with the promise of low rent, or great amenities. Their goal is to get your money before you find out.

The FBI a while back warned travelers of malicious software infecting laptops and other devices linked to hotel Internet connections. At the time the FBI wasn't specific about any particular hotel chain, nor the software involved but stated "malicious actors are targeting travelers abroad through pop-up windows while they are establishing an Internet connection in their hotel rooms."

The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products through their hotel Internet connection. Checking the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack. The FBI also recommends that travelers perform software updates on laptops immediately before traveling, and that they download software updates directly from the software vendor's website if updates are necessary while abroad."

The FBI said typically travelers attempting to set up a hotel room Internet connection were presented with a pop-up window notifying the user to update a widely used software product. If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available.

Join the CSO newsletter!

Error: Please check your email address.

Tags network securityFederal Trade Commissionsecurity

More about FBIFederal Trade Commission

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Cooney

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts