Tips for avoiding scams and theft while traveling are a staple of the travel writing genre; pretty much every guidebook or travel website dedicates some space to the subject.
But in the 21st century, you are as much at risk of having your identity stolen—or more accurately your financial and digital identity—as you are of getting “mugged,” which almost sounds quaint these days (though I do not intend in any way to underplay the misery and danger of actually getting mugged).
Identity theft is a growing problem worldwide—especially for travelers, who are very vulnerable, forced as they are to use unsecured Internet connections, carry extensive personal documentation with them at all times, and share their credit cards with merchants about whom they know nothing and whom they’ll never see again.
Modern technology hasn’t made it any easier for honest folks to avoid identity theft, either; witness the practice of websites like Facebook and LinkedIn, which often keep you logged in to the site, even after you close your browser or turn off your computer. Someone getting unfettered access to your closest friends on Facebook could definitely shake out some very “helpful” information before you knew it.
As time and technology advance, this problem is only going to affect more travelers. Here are 11 tips to avoid identity theft while traveling, right now.
“Unpack” Critical Documents Before Travel
If you carry some essential documents with you when you are not traveling—the average wallet or purse might include a Social Security card, bank statements, medical documents, checkbook and the like—remove them before you leave home. Essentially, when it comes to documentation, you want to “unpack” before traveling.
This can also be done again once you’re on the road. If you’re going to a location that is known for pickpocketing, or is going to be packed with people, or at which you will be distracted (big concerts, crowded squares, nightclubs, etc.), you can pare down the contents of your wallet even further before venturing out from your hotel room. You can put these in your hotel safe (but use caution), behind the hotel’s front desk or in a money belt concealed on your person.
Guard Your Documents
This is one of the tips you will encounter in most travel safety articles, so I won’t go into it at length here—but suffice to say that if you leave any sensitive documents lying around in your hotel room while you are out, you are a lot more likely to experience identity theft than if you have them in a money belt, document protector, even an RFID-blocking wallet.
Be Very Careful About Shared and Insecure Internet Connections
This is one thing that I have found very difficult to do—when traveling, it is hard to find connections other than public ones at hotels, cafes, airports, you name it. To see the warning “this connection is unsecured and others may see your information” is almost a staple of the travel experience. The risk applies to anything you type into your keyboard while connected, such as email passwords and website logins.
The best approach in this case is to be very careful when using these connections; logging into your bank account, work email or other sensitive account should be avoided if at all possible. If you have no alternative, choose what you type over these open connections very carefully.
If you’re traveling with your own laptop and using free Wi-Fi, it is important to make sure your connections are secure. Some websites let you log in over open networks; always try to useinstead of (the S stands for “secure” and indicates that the data is encrypted for more protection). You can also get a plug-in for your browser like HTTPS Everywhere (Firefox, Chrome and Opera only), which will do this automatically. Another possible solution is SurfEasy VPN, which helps encrypt your data when you’re using a public connection from your own computer.
If you want more security when using someone else’s machine, such as at an Internet cafe, hotel lobby computer or other public terminal, you can try a pay service like Authentic8. Authentic8 runs the browser in a “silo” in the cloud, where all connections and data are kept secure. The service gives you a display on the local computer, and prevents things like key loggers from accessing your passwords.
Finally, here are some tips from the Federal Trade Comission on Using Public Wi-Fi Networks.
Delete All Cookies and Browsing History on Public Terminals
If you find you must use a public computer, the last thing you should do before you walk away is delete all cookies and browsing history before you log off. Many computers can cache quite a bit of significant information, and some websites are even set up to keep you logged in when you close the browser unless you specifically log off (such as Facebook and LinkedIn). Many public terminals will delete this type of data automatically, but doing it yourself offers much better peace of mind.
Use a Dedicated Travel E-mail Address
When I see messages arrive from overseas via work email accounts, I shake my head every time. If someone gets access to your work email account, the amount of damage they could do to your livelihood is inestimable. Certainly there are times when you need to log in to your work account, but you will want to use caution in the extreme at those times.
My suggestion in this case is to use a personal email address when possible while traveling, one at which you store no sensitive information and at which a fake log-in won’t be cataclysmic, and communicate from that email address exclusively. On occasion you will see addresses like johndoetravelemail@; this travel-exclusive email approach can work very well.
Use Only Bank ATMs
A recent trend among identity thieves has been to install card readers in an ATM by which they can access your card number and PIN. This happens most often at non-bank, “generic” ATMs (in hotels, convenience stores, etc.), which have less oversight and are therefore more vulnerable than bank-run and hosted ATMs. Stick with the ones at banks; these can still be compromised, but tend to be targeted by thieves much less often.
Check Your Credit Card Statements on Occasion
Even at times when you are confident in the security of your connection—perhaps in a friend’s home, or when connecting using a smartphone app over a regular cell 3G or 4G connection (which tend to be more secure than public Wi-Fi)—check your credit card statement for suspicious activity.
Identity thieves like picking travelers as victims, as they rely to some extent on the delay in being found out that is inherent to travel; most travelers don’t check bank and credit card information until well after they have returned home, giving thieves a solid head start. As a rule, the sooner you can shut down an identity thief, the better, so consider checking in now and then to make sure things look normal.
Keep Your Cell Phone Secure
We think a lot about how vulnerable our computers are, but cell phones are potentially even more so: you have them on you at all times, they’re almost always turned on and logged in, they typically have apps on them that give access to personal information, and folks leave them lying around quite a bit. If there is anything you might lose or have stolen, it is a small, compact smartphone. Some things you can do to protect yourself:
– Set a password on the phone so someone who finds or steals it can’t use it.
– Before traveling, consider deleting any especially sensitive apps, such as banking apps, social networks, etc. They are easy to reinstall when you get home.
– Specifically log out of all apps before going out and about. As above with some websites, many apps keep you logged in by default (Facebook, Twitter, Angry Birds, you name it).
– Remain wary of suspicious emails and websites. Studies indicate folks are much more likely to click on malware links on their cell phone than on their computer.
– All of the foregoing cautions about public Wi-Fi spots go for your cell phone as well.
For more on the topic, see this how-to from How to Prevent Your Cell Phone from Being Hacked.:
Protect Your Children Too
A frightening development in identity theft crimes is the use of a child’s name and identity to open bank accounts and credit cards, apply for government benefits, and more. In most cases, criminals use a child’s Social Security number to get started.
When traveling, document requirements vary widely for children—sometimes you need ID, sometimes you don’t, sometimes you can fudge it either way—but many parents travel with some form of identification just in case. Often, these are very sensitive documents like birth certificates and Social Security cards.
My advice is to get a passport for your child, and travel with that instead of any other forms of identification. Then protect your child’s passport in the same way you would your own.
If anyone requests your child’s Social Security number for any reason, ask if they can accept another form of ID, or simply refuse to surrender the number. If you suspect your child’s identity may have been compromised, in most cases a credit check is the quickest way to find out; your child should have no substantive credit rating whatsoever. For more on the topic, see the FTC’s information on Child Identity Theft.
Change Passwords and PINs
You may want to change your passwords after a trip; identity thieves are thought to be very patient criminals, and often wait until you are less likely to pay attention after a few weeks at home.
If you really like your password or PIN, one approach might be to change them right before you leave, use a new password while traveling and then change them back to your preferred passwords when you get home.
Follow up After Your Trip
When you get home, check bank activity, credit card activity and even medical insurance claim activity to see if there is anything you do not recognize. These are often the first places you’ll see indications of identity theft. Some thieves will purposely use your information in situations where the paper and digital trail will only appear slowly—establishments that submit charges and claims manually (or at least not in real time)—so it is a good idea to check again after a couple of weeks to make sure nothing has shown up in the meantime.
Hopefully these tips help you avoid trickery like the video below—safe travels!