A cybersecurity has expert revealed how sharing photos from the airport as you prepare to jet off on holiday could put you at risk.
Amir Tarighat, from New York, who is the CEO of cybersecurity firm Agency, revealed hackers can gain access to personal information about you from your boarding pass.
He claimed that people can actually find your address, phone number and email address from the limited information on your travel document.
He told USA Today that people mistakenly think that the limited amount of information on a boarding pass isn’t enough for scammers to use, but that’s not the case.
‘Attackers can very easily bring up the rest of the things they need to know about you from public records, like your date of birth, your address, phone number,’ he said.
This information can also be cross referenced with previous data breaches.
He added that scammers could also use the information that you’re going on holiday to infiltrate your workplace.
‘They can use that information in social engineering, phishing and spam emails to other employees who work at the company and say, like, “Amir’s in Paris this week”, or whatever, and use that information to get you to do something,’ he explained.
This could involve giving them access to data or an account, or sending them money.
Tarighat stressed the importance of having preventative measures in place, such as two-factor authentication on all accounts and strong passwords.
The warning adds to previous advice from an Australian tech expert who revealed a simple step to follow to avoid losing thousands of dollars to slick cyber criminals.
Hacker Alex Hope said it was vital for all online users to use the two-factor authentication security process when typing in their personal login details.
‘That way each person has their own email (address), password and then you will also be sent a six digit unique code (in a text message) before logging in,’ he said on Sunrise.
‘It makes it harder for hackers to (potentially) access your details.’
Two factor authentication provides an extra layer of security to protect against account hijacking. It also leaves users feeling at ease when they are using personal or business financial websites.
Hope also stressed the importance of not inadvertently uploading personal details on different forms of social media.
‘I would try to avoid posting any information which could easily identify you,’ he said. ‘Never post things like your email, personal address or phone number.’
In March 2020, Hope attracted global headlines after successfully uncovering the details of former Prime Minister Tony Abbott from his Qantas boarding pass in just 45 minutes.
It followed the politician sharing a snap of his boarding pass on Instagram.
Top tips to protect yourself online
*Enable Two-Step Authentication
* Check a Site’s Secure Sockets Layer (SSL) Certificate
* Don’t Save Financial Information on Shopping Sites
*Be Careful Who You Trust
* Create Strong, Unique Passwords
Speaking on a blog post, Hope revealed he was able to access Mr Abbott’s personal information by simply using the booking reference printed on the boarding pass.
‘In seconds I had Tony Abbott’s passport number, phone number and weird Qantas messages about him,’ Hope said.
‘Anyone who saw that Instagram post could also have them.’
Hope then got in contact with Mr Abbott’s staff, Qantas and the Australian Signals Directorate, who all thanked him for bringing the issue to their attention.
He also spoke to Abbott personally about his online ‘detective work’, which Hope labelled ‘humanising.’
‘When I’d collected myself from various corners of the room, he (Abbott) asked if there was a book about the basics of IT since he wanted to learn about it.
‘It made me realise that even famous people are just people too.’ he told SBS’ The Feed.
Hackers can use personal details to access people’s online banking accounts, or pose as them for internet transactions.