Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label passenger information. Show all posts
Travelling Safety
Boarding pass Data Breach passenger information Stolen Data Travel Travelling Safety

Experts Alert Travelers Against Sharing Photos of Boarding Passes Online


After giving hours to work – each day, every week, for months – checking in at the airport possibly represents an exciting time, for travelers who have waited long for the much-needed rest and recreation.

One may also want to capture this moment and share a sneak peek of their journey with their pals, starting with clicking a little picture of their boarding pass to post on social media. However, cyber experts have advised the vacationers against this, since doing so could be a risk to their privacy, or even lead to their information getting into the wrong hands. 

While modern boarding passes do not contain any outright personal details and only contain information like the person’s name, flight number and seat number, certain codes could be used by a hacker to further get hold of a victim’s information.

Josh Amishav, Founder and CEO of data breach monitoring company Breachsense, explained "Your frequent flyer number, name, and passenger name record are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorised purchases.”

"Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data," he says.

The threat does not end here, since this is not the only way a boarding pass can be used by an unauthorized body to access a flyer’s information. Another case that comes to light is the illicit usage of contents of a lost or stolen boarding pass.

Thus, there are several measures and precautions one must keep in mind in order to protect oneself from falling prey to such cyber incidents. Here, we are listing some of those measures: 

  • Always make sure that the boarding pass is safe with you; never put it in the pocket of the airplane seat or toss it in a hotel trash can without first shredding it up. 
  • It is crucial to properly dispose of printed boarding passes when one is done with them and no longer needs them in order to prevent the information contents from falling into the wrong hands.
  • In case one is posting picture of their boarding passes, or any documents from their trip on social media, it is recommended to edit those pictures in a way so it does not display any important detail.  

Read more »
Travelling Safety
Airline Boarding pass passenger information Privacy stolen information Travel Travelling Safety

Travel HACK: Why you Should not Share Photos of Your Boarding Pass Online

You are done packing the bags, you put on your airport look and now you are all set to board the flight to your dream vacation. You might as well want to post a picture of the trip, or share a picture of your boarding pass. But wait, doing this recklessly may cost you your privacy.

While boarding passes do not include some outright personal information like an address or a phone number, they do involve certain codes that would work well for a crime actor to find information about you

The documents may appear to be nothing more than travel keepsakes outside of their primary use at the airport, but they are much more informative than many travellers realise. According to Amir Tarighat, CEO of cybersecurity company Agency, "people often think, like, 'Just this information isn't enough to compromise (me)' but that's not how the attackers view that information." Boarding passes possess information like the flyer’s legal name, your ticket number, and passenger name record (PNR), a six-digit alphanumeric code specific to their reservation.

Meanwhile, Amir Sachs, founder and CEO of cybersecurity and IT company Blue Light IT said, “Using the PNR and your last name, a hacker can have full access to your booking information, which will give them access to your phone number, email address, and emergency contact information.” Getting a hand to an individual’s PNR also lead to a passenger’s frequent flier number, Known Traveller Number (associated with Global Entry and TSA Pre-Check), and redress number (associated with the Department of Homeland Security’s TRIP program).

With all the aforementioned information, one can easily change a passenger’s booking. In fact, all you need to change or cancel flights online is your name and PNR; a password is not required. Additionally, someone may simply steal a hard-earned frequent flier miles if they gain access to their frequent flier account, which does require a password. Moreover, much worse issues await if a hacker gets hold of a victim’s details through their boarding pass.

Josh Amishav, founder and CEO of data breach monitoring company Breachsense explains, “Your frequent flier number, name, and PNR are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorised purchases[…]Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data.”

While these risks do not stop at posting your boarding pass online, you might as well want to skip the entire printed boarding pass to reduce the risk of data being compromised from a discarded or lost slip. Researcher and senior technical director for cyber safety brand Norton explains, “Consider using a mobile boarding pass to ensure no physical copies will be left behind in your plane seat pocket, boarding area, or somewhere else where scammers can easily grab it.” One may consider that travel apps too could be hacked, so compromising digital boarding pass is not something entirely safe either.

Even though one may get quite lucky to avoid any such issue, posting a photo of your boarding pass online is not worth the risk. Thus, being mindful in taking cautionary measure could save you from any trouble. If you are adamant on posting a picture of your boarding pass online, you can use photo-editing software to hide away that information, or you can skillfully stage your photo so that none of the identifying details are visible, which will also include the barcode.

“Hackers can use barcode scanners to steal information from boarding passes shared online or left behind in airplanes and airports[…]Depending on the airline, a barcode scanner can unveil a flier’s airline account number, associated email and phone number, and your flight’s confirmation code — information that could all be used to make a phishing attack look more realistic,” explains Roundy.

It is also advised to post your travel photos on a delay— ones you are back from your travel, as Sachs says, “Keep your info safe and save the travel bragging for when you’re safely back home!”  

Read more »
Subscribe to: Posts (Atom)