Skip to main content

Staying Cyber Safe When Traveling


Published July 22, 2019 • 4 Min Read

This article originally appeared on RBC Cyber Security Resource Centre on July 22, 2019.

Summer is here and with it comes vacation plans for many. If you’re looking to take some time away from work and home, you’re likely making plans to secure your home, have pets taken care of, and tie up loose ends at work. But how about securing your devices and your personal data while you’re away?

Here are some cyber security-themed travel tips to consider as you eagerly plan your next adventure:

Keep your travel plans private

The lead-up to the vacation is almost as exciting as the vacation itself. It’s hard not to get swept up in the excitement and jump on Facebook to tell all your friends about your upcoming trip. The problem is, unless you have very strict privacy settings, people who aren’t your friends could see that announcement, too. And really, how well do you know that girl you passed in the hallway in high school 30 years ago?


Discussing your travel plans (specifically the dates you’ll be gone) opens you up to a physical security issue. Criminals are known to watch social media in order to target homes they know will be vacant for robbery. So best to wait until you get back until you start posting those trip photos.

Beware of fraudulent booking sites

It’s rare to plan a trip these days without online booking — but online travel booking sites are increasingly targeted by criminals. A study by the American Hotel & Lodging Association found that rogue travel scams steal $5.7 billion in fake hotel bookings each year.

With new chip and pin cards, it’s become much more difficult for thieves to steal credit card numbers at point-of-sale locations — and that’s why thieves are now focusing on websites, explained Karl Mattson, chief information security officer at City National Bank.


“Any website where you’re entering card data is risky,” 

Mattson said. He suggested using alternative payment methods, such as PayPal, ApplePay and Zelle, to avoid entering your credit card information online. These methods are less susceptible to fraud, Mattson said.

Don’t forget about your unused loyalty points

If you’re a frequent traveler, you likely have digital items of value to criminals, such as frequent flyer miles and other loyalty points and memberships. ThreatMetrix estimates there are more than $50 million in travel industry loyalty points lying dormant in accounts, ripe for takeover by fraudsters who sell them at rock bottom prices on the dark web, or use them to buy an array of retail merchandise.

For instance, according to a Toronto news report, one man and woman allegedly stole $23,000 worth of merchandise through the Air Miles website by using stolen points at various retail stores. If you’ve racked up loyalty points through a favourite airline or hotel chain, those points could be vulnerable.


“Keep your boarding pass private, as it may include identification that would make it easier for thieves to not only access your frequent flyer account but other personal information as well. Never post a boarding pass photo online, and securely dispose of your pass after a flight.” 

— said Frank McKenna, Senior Director, Corporate Security Management.

Also, use a strong password for your frequent flyer account and set up alerts for fraudulent activity on your account, just as you would for a bank account.

Be proactive!

Take proactive steps to secure your devices and your personally identifiable information before you travel.

While your phone’s physical safety is important, it’s equally as important to protect the data you have stored on it; everything from your passwords, to credit cards numbers, and bank account details.


Keep your mobile software updated

When travelling treat your mobile device like your home or work computer, explained McKenna. Keep your operating system software and apps updated, which will improve your device’s ability to defend against malware. Back up your information. Back up your contacts, photos, videos and other mobile device data with another device or cloud service.

This article is intended as general information only and is not to be relied upon as constituting legal, financial or other professional advice. A professional advisor should be consulted regarding your specific situation. Information presented is believed to be factual and up-to-date but we do not guarantee its accuracy and it should not be regarded as a complete analysis of the subjects discussed. All expressions of opinion reflect the judgment of the authors as of the date of publication and are subject to change. No endorsement of any third parties or their advice, opinions, information, products or services is expressly given or implied by Royal Bank of Canada or any of its affiliates.

Share This Article


Cyber Tips Travel Tips