Travel is an enriching experience that broadens horizons, fosters cultural awareness, and encourages personal growth. It also builds relationships and facilitates knowledge sharing, especially in business contexts. However, these benefits come with risks. Travel exposes individuals to unfamiliar environments with potential dangers such as political unrest, crime, health concerns, and environmental incidents. For business travellers, personal risks may end up jeopardising corporate reputation. Awareness of the evolving risk landscape is therefore essential, whether it be new criminal technologies, regional disputes, terrorist threats, or health warnings, particularly post-COVID. Staying informed about potential threats and devising strategies to mitigate their impact is crucial. In the following article Valkyrie explores some of the evolving threats impacting travellers and provides some actionable steps to ensure an enjoyable travel experience.
Virtual Kidnap
Generally speaking, travellers are vulnerable to theft and other crimes due to their unfamiliarity with new environments or being perceived as a ‘wealthy target’. In some scenarios law enforcement may be unhelpful or even complicit in criminal activities. An increasingly common crime involving travellers is virtual kidnapping. It involves criminals convincing victims that a loved one has been kidnapped, relying on confusion and speed to secure payment before the victim can confirm the story.
In the most sophisticated cases, criminals target their victims when they know the alleged ‘kidnap victim’ cannot be contacted. This relies on extensive online research, often using social media to track an individual’s activities. By gathering personal information such as relationships and locations, criminals can create a credible narrative. For instance, knowing someone is on a solo trip across Europe then contacting their family, demanding an urgent need for ransom while the traveller may be out of reach.
Criminals also use AI and deepfake technology to enhance their schemes. Deepfakes can make extortions more convincing by mimicking family members. These technologies are increasingly accessible, making it easier for criminals to create realistic scenarios. The prevalence of virtual kidnappings is hard to quantify due to underreporting, but the threat is growing. If suspicious, it is vital to stay composed, verify the caller’s identity, and insist on direct communication with the alleged victim. Contacting authorities and ceasing communication with the extortionists is imperative.
Cybersecurity
The reliance on digital tools and connectivity exposes travellers to cybersecurity threats, such as data theft and cyber-attacks. Educating individuals and employees about these risks is fundamental. At a basic level, travellers should use clean devices, ensure personal and sensitive information is sanitised, and use VPNs for secure data transmission.
Public USB charging ports, common in airports and other high-traffic areas, pose significant security risks, such as “juice jacking,” a cybersecurity threat where malicious actors install malware or steal sensitive data during charging. USB data blockers offer a crucial defence against data theft, ransomware, spyware, and worms. They ensure only power flows through the USB cable, blocking any potential data transfer and keeping your device secure from cyber threats on the go.
Accessing free public Wi-Fi also poses risks. Avoid sending sensitive information over public networks and always consider the security of the information being transmitted. If you don’t know it, don’t connect to it. Try not to use public WiFi; it’s better to use your mobile network (e.g., 4/5G), and if you do, use a Virtual Private Network (VPN) to encrypt your data. If you wouldn’t say the information in a spoken voice publicly, then don’t send it in public. Always consider what you’re sending and if you have done as much as possible to protect against the risks.
Eavesdropping – Business and Hotel Rooms Compromised
There is an increasing number of media reports concerning the discovery of surveillance equipment and bugs in private spaces: hotels and holiday rentals, for example. The intrusive nature of these devices, which are increasingly easy to purchase and deploy, means the problem is only likely to worsen. The commercialisation and access to ‘bugs’ over the last few years is best demonstrated by their availability on platforms like Amazon. Many of these devices are marketed for security and monitoring purposes, such as to monitor employees, including cleaners or nannies. However, they are often used maliciously.
The public availability and technological advances mean these devices are simple to use and can be easily deployed without the target’s knowledge. They are often used for corporate espionage, providing a competitive advantage in the business world. Devices can be easily deployed and left dormant, only activated when necessary.
These bugs are also used for extortion, hoping to capture anything of ‘value’ during a specific period.
In transient places like hotels, where the opportunity to secure the environment is limited, these threats are compounded. We often visit these places when we let our guard down, making us more vulnerable. Understanding the existence of these threats and how they can be deployed is the first step in protecting yourself.
Mitigating the risk
Routine trips, whether for business or pleasure, can be fraught with unexpected dangers. Proper planning and preparation are essential for travel safety. From their perspective, businesses responsible for sending employees abroad, must communicate travel risks and safety measures effectively to employees. Establish digital rules and cybersecurity guidelines, such as setting a verbal password for verifying urgent requests, similar to bank security protocols. Keep devices and software updated to prevent exploitation of vulnerabilities.
Gurpreet Thathy, Valkyrie’s Cyber and Electronic Counter Measures Director, emphasises, “Travellers need to be vigilant about their digital footprint. Using a VPN, securing devices, and being cautious about public Wi-Fi are fundamental steps in protecting personal and business data.”
Enhance your social media account’s privacy and security settings and be selective about what you share. Small pieces of personal information can be used against you to add an air of authenticity to deepfakes. Sharing your location also allows malicious actors to monitor your movements. Also, use multi-factor authentication for all of your accounts. This extra layer of security helps prevent unauthorised access, reducing the chances of someone obtaining your data.
Travellers should use clean devices, ensure all personal information and sensitive files are sanitised, and use VPNs to ensure data security while transmitting data to and from their devices. Travellers should also be conscious of checking business or personal electronic devices with their luggage at airports. Avoid public USB charging ports, which can harbour malware, and use USB data blockers to prevent data theft.
Awareness is the first step in mitigating travel risks. Understanding the existence and deployment methods of threats allows travellers to protect themselves effectively. By staying informed and prepared, individuals and businesses can navigate the complexities of modern travel, safeguarding personal and corporate interests. The key is to remain vigilant, prepared, and informed at all times.
Final Tips
Before travelling, create a security checklist that includes locking down social media profiles, updating device software, and setting up communication protocols with family and colleagues. Use travel security apps like bSafe and TripWhistle for real-time alerts and emergency contacts. Regularly check government travel advisories to stay informed about new threats. Upon arrival at your accommodation, scan for suspicious devices using anti-spy bug detectors. By adopting these practices, travellers can better protect themselves and their organisations from potential threats, ensuring a safer and more enjoyable travel experience.
Matthew Newton is the Director of Crisis Response at Valkyrie (GB) Limited, a boutique security and investigations company based in central London, that offers tailored security solutions for individuals, businesses and government organisations. Specialising in cyber security, Technical Surveillance and Countermeasures, investigations, and physical/personal security measures, their services also include crisis management, physical penetration testing, covert surveillance and security training. Reach them at security@valkyrie.co.uk and see more at www.valkyrie.co.uk
