9 Ways to Prevent Identity Theft While Traveling

If you carry some essential documents when you are not traveling (the average wallet or purse might include a Social Security card, bank statements, medical documents, checkbook and the like), remove them before you leave home. Essentially, when it comes to documentation, you want to “unpack” before traveling.

This can also be done again once you’re on the road. If you’re going to a location that is known for pickpocketing or is going to be packed with people, or at which you will be distracted (big concerts, crowded squares, nightclubs, etc.), you can pare down the contents of your wallet even further before venturing out from your hotel room. You can put these in your hotel safe (but use caution), behind the hotel’s front desk, or in a money belt concealed on your person.

If you are worried about not having these documents handy, simply store photos of them in an encrypted file for safekeeping and easy access.

This is one of the tips you will encounter in most travel safety articles, so I won’t go into it at length here—but suffice it to say that if you leave any sensitive documents lying around in your hotel room while you are out, you are a lot more likely to experience identity theft than if you have them in a money belt, document protector, even an RFID-blocking wallet.

This is one thing that I have found very difficult to do—when traveling, it’s hard to find connections other than public ones at hotels, cafes, airports, you name it. To see the warning “this connection is unsecured and others may see your information” is almost a staple of the travel experience. The risk applies to anything you type into your keyboard while connected, such as email passwords and website logins.

The best approach, in this case, is to be very careful when using these connections. If possible, avoid logging into your bank account, work email, or other sensitive accounts. If you have no alternative, carefully choose what you type over these open connections.

If you want more security when using someone else’s machine, such as at an Internet cafe, hotel lobby computer or another public terminal, you can try a pay service like NordVPN, ExpressVPN or ProtonVPN. These will encrypt your internet traffic, and keep your browsing private on a public network.

Finally, here are some tips from the Federal Trade Commission on Using Public Wi-Fi Networks.

If you find you must use a public computer, the last thing you should do before you walk away is delete all cookies and browsing history before you log off. Many computers can cache quite a bit of significant information, and some websites are even set up to keep you logged in when you close the browser unless you specifically log off (such as Facebook and LinkedIn). Many public terminals will automatically delete this type of data, but doing it yourself offers much better peace of mind. Most browsers have a private or incognito mode, which allows you to use the internet without storing your browsing history, cookies, and other data.

When I see messages arrive from overseas via work email accounts, I shake my head every time. If someone gets access to your work email account, the amount of damage they could do to your livelihood is inestimable. Certainly, there are times when you need to log in to your work account, but you will want to use caution in the extreme at those times.

My suggestion, in this case, is to use a personal email address when possible while traveling, one at which you store no sensitive information and at which a fake log-in won't be cataclysmic, and communicate from that email address exclusively. On occasion you will see addresses like [email protected]; this travel-exclusive email approach can work very well.

Identity thieves count on distracted or offline travelers, so it’s crucial to monitor your accounts while you're away—and after you get home.

Use mobile banking apps to check for unfamiliar charges regularly. If available, turn on real-time transaction alerts. After your trip, review your credit card, bank, and even insurance statements carefully. Some scammers delay using your information, hoping you'll stop paying attention once you're home.

If anything looks suspicious, immediately report it to your bank or card provider. The faster you catch fraud, the better your chances of limiting the damage.

Related:ATMs Abroad: What You Need to Know

We think a lot about how vulnerable our computers are. Still, cell phones are potentially even more so: you have them on you at all times, they’re almost always turned on and logged in, they typically have apps that give access to personal information, and folks leave them lying around quite a bit. If there is anything you might lose or have stolen, it is a small, compact smartphone. Some things you can do to protect yourself:

• Enable biometric security features such as Face ID or fingerprint scanning. These are harder to bypass than a PIN or pattern unlock and can keep your device protected even if it's physically stolen. Set a strong alphanumeric backup password or passcode in case facial or fingerprint recognition fails.
  

• Set a password on the phone so someone who finds or steals it can’t use it.

• Before traveling, consider deleting any especially sensitive apps, such as banking apps and social networks. They are easy to reinstall when you get home.
  

• Specifically, log out of all apps before going out and about. As above with some websites, many apps keep you logged in by default (Facebook, Twitter, Angry Birds, you name it).
  

• Be wary of suspicious emails and websites. Studies indicate that people are much more likely to click on malware links on their cell phones than on their computers.
  

• All of the foregoing cautions about public Wi-Fi spots go for your cell phone as well.
  

• Before your trip, enable your phone’s remote tracking and wipe capabilities:
  

• For iPhones: Turn on Find My iPhone in your iCloud settings.
  

• For Android: Activate Find My Device in your Google settings.
  These tools allow you to locate your phone on a map, remotely lock it, or erase all data if you can't recover it. In a worst-case scenario, remote wipe gives you peace of mind that your personal data won't fall into the wrong hands.

• When communicating abroad—especially over public Wi-Fi—use end-to-end encrypted apps like Signal or WhatsApp. These apps scramble your messages so that only you and the intended recipient can read them, protecting your conversations from prying eyes. Signal is especially privacy-focused, storing minimal user data and offering features like disappearing messages.

• Avoid sending sensitive information—like passport numbers or banking details—through email or text. Use secure apps; better yet, don’t send that info digitally unless absolutely necessary.

A frightening development in identity theft crimes is the use of a child’s name and identity to open bank accounts and credit cards, apply for government benefits, and more. Criminals usually use a child’s Social Security number to get started.

When traveling, document requirements vary widely for children—sometimes you need ID, sometimes you don’t, sometimes you can fudge it either way—but many parents travel with some form of identification just in case. Often, these are very sensitive documents like birth certificates and Social Security cards.

My advice is to get a passport for your child and travel with that instead of any other forms of identification. Then, protect your child’s passport in the same way you would your own.

If anyone requests your child’s Social Security number, ask if they can accept another form of ID or refuse to surrender the number. If you suspect your child’s identity may have been compromised, in most cases, a credit check is the quickest way to find out; your child should have no substantive credit rating. For more on the topic, see the FTC’s information on Child Identity Theft.

You may want to change your passwords after a trip; identity thieves are thought to be very patient criminals and often wait until you are less likely to pay attention after a few weeks at home.

If you really like your password or PIN, one approach might be to change them right before you leave, use a new password while traveling and then change them back to your preferred passwords when you get home.

If you are afraid you will forget your new password, use a password manager like 1Password or Bitwarden to keep track of all your passwords.

Turn on a two-factor authentication for added security.

Is it safe to use public Wi-Fi while traveling?

Public Wi-Fi—like the kind at hotels, airports, and cafes—is notoriously insecure. Hackers can intercept your data or create fake Wi-Fi networks that look legit. If you must use public Wi-Fi, avoid logging into sensitive accounts and always use a trusted VPN (Virtual Private Network) to encrypt your connection.

How can I protect my credit card information abroad?

Use RFID-blocking wallets, stick to bank-operated ATMs, and enable real-time transaction alerts through your bank’s mobile app. Avoid handing over your card in situations where it leaves your sight, and consider using mobile payment methods like Apple Pay or Google Pay, which tokenize your card data.

What if I lose my phone while traveling?

Enable Find My iPhone (Apple) or Find My Device (Android) before your trip so you can remotely locate, lock, or wipe your phone. Also, set a strong passcode and turn on biometric security features like Face ID or fingerprint unlock. Back up your data before leaving home, just in case.

Can my child’s identity be stolen while we travel?

Yes—children are increasingly targeted by identity thieves using Social Security numbers or other personal data. Instead of traveling with sensitive documents like birth certificates, get your child a passport and protect it like you would your own. If someone requests your child’s SSN, ask if another form of ID will suffice.

What should I do if I suspect identity theft while abroad?

Act fast. Contact your bank or credit card company to freeze your account. Use your phone’s tracking feature to lock or erase it if needed. File a report with the local police and contact the Federal Trade Commission (FTC) at identitytheft.gov when you return home.

• 12 Life-Saving Travel Hacks for Your Next Trip
• 10 Surprising Countries That Are Risky for Travel, According to the State Department
• Here's How a Government Shutdown Affects Your Travel