A few weeks ago, I opened my inbox to this message from a fellow traveler:
There is a scam going on at the moment, whereby someone who speaks perfect English hacks into your email account and scams your parents for all they’re worth… Unfortunately it happened to me and it took me two weeks to realise what had happened. My hotmail account got hacked into most likely using keylogger software installed on a computer in a Lima hostel, then the hacker read all my emails to get enough personal info to pass himself off as me, emailed my parents telling them I needed money (for an imaginary car accident), gave them a bank account detail, and alas my parents fell for it. In the meantime I still had “normal” access to my account, so never imagined anything was wrong, and the hacker deleted my parents’ worried emails as they arrived…
In other corners of cyberspace, travelers to Peru are telling similar experiences. Most say their accounts were hacked when they used their hostels’ computers. Some of their families were swindled out of more than $3,000. Several travelers reported it to Politur (the tourism police), with little response.
According to an article published in Peru’s national daily, La República, keylogging and other spyware on public computers is common. Laboratorio Virus, a Lima-based company specializing in computer security, visited 52 cybercafés in the Peruvian capital. At each, it examined four computers. The results were startling: 32 percent had keylogger software, monitoring key stroke and mouse movements of users; 93 percent of computers were infected with Trojans that permit spying on users; and 23 percent of cybercafés used a remote control software that would also allow café personnel to access users’ data.
How do you protect yourself from such a scam?
I turned to V!VA Travel Guides techies for their expert advice. Most of the steps are common sense—but because we get distracted or are in a hurry, we forget to take them.
V!VA CEO Jason Halberstadt has these recommendations:
- The best solution is to avoid using computers at hotels and cyber cafés at all. Instead, use your own personal portable computer, smartphone or tablet and connect via WiFi.
- If you need to use public access computers, refrain from using them to access high security accounts such as your online banking account, credit card numbers and yes, even your webmail account.
- If you need to use webmail, Skype or any other account, change your password frequently. That way, if someone has gotten your password, they would be locked out of your account after the password change.
- Always LOG OUT of an account when finished using it, as just closing the browser window may maintain your session open, so the next person to use the computer is automatically logged into your account.
- Also be very careful to not have the computer save your username and password when prompted
On this last point, when you log into an account, you may be asked if you want it to remember your password. Always click on: No recorder nunca la contraseña de este sitio. Never check “Recordar mi cuenta” or “Recordar mi contraseña.”
In addition to the above steps, V!VA’s head technician, Cristian, offers these tips:
- Experts say that if the computer is an older model, it may be possible to detect keylogger software. For 30 seconds, press at least 10 keys with both hands. If the computer freezes up or becomes slow, it is because some type of event is capturing input on the keyboard and attempting to process and save the information.
- Another type of cyber attack you need to guard against is phishing.
Travelers have other steps they can take to protect themselves:
- Use the last five minutes of your allotted computer time to clear your search history and cookies, and to ensure your accounts are properly closed.
- If you use your own laptop or other device, do not let strangers (even recently met fellow travelers) use it; s/he may install spyware software onto it.
- Install an anti-key logger software onto your computer.
- The Electronic Frontier Foundation suggests using encryption for your most sensitive data (such as, with bank account), as well as many other measures to protect others from accessing your data.
- Inform your family and friends to never send money ANYPLACE for you, unless you ask for it by telephone call. Never rely on an e-mail request.
Travelers can also disconnect from cyberspace and move into the real world. Go back to using what world-explorers used before Internet, E-mail, Skype and all the “modern” conveniences existed:
- To keep in touch with family and friends back home, send a postcard instead of an E-mail. This allows folks to have a physical image of where you’ve been that will last generations. Need more space to tell your travel tales? Then write a letter.
- Go to the local locutorio (phone center) and call home.
- Don’t turn to the map on your computer screen to get around. Ask directions from locals.
In doing these, you’ll be supporting local businesses—the postcard kiosk, post office, phone center and others—as well as building your language skills and interacting with people.
The advent of Internet has affected the way travelers relate to each other. We are spending less time together. The entire hostel culture is changing. Wandering Earl discusses this phenomenon and in finding a balance between technology and socializing in his recent blog, Why Have Travelers Stopped Talking to Each Other.