Travelers at high risk of identify theft, experts say

By
Nancy Trejos, USA TODAY
December 12, 2011, 6:10 PM ET
5 min read

— -- The last time John Sileo took his daughter to DisneyWorld, it ended up costing much more than he expected.

When he returned to his hotel after a day at the theme park, his bank notified him that his credit card had been shut down because someone had gone on a $3,000 online shopping spree. He suspects the person used a smartphone to snap a picture of his card number at the theme park's electronic ticket booth.

Ironically, Sileo, an identity theft and fraud expert in Denver, had traveled to Orlando to give a speech to the Treasury Department on avoiding identity theft. But given that Sileo spends more than 50 days a year traveling for work, even he faces particular challenges to protecting his personal information.

"Data theft goes through the roof on the road," says Sileo, a spokesman for CSID, an identity protection provider.

Identity theft can be a rude awakening for many business travelers. Last year, identity theft made up 19% of the 1.3 million complaints stored in the Consumer Sentinel Network, a secure online database available to law enforcement agencies.

Experts say business travelers are especially vulnerable because they increasingly rely on electronic devices that easily can be lost or hacked. Credant Technologies, a data-protection company, found that travelers have lost 11,000 mobile devices at the busiest U.S. airports this year, 37.5% of them laptops and 37.2% tablets or smartphones.

Hotels also are prime targets for people looking to steal financial data. In a study of 200 data breach cases, Trustwave's SpiderLabs, the online security company's research arm, found 38% occurred at hotels or resorts.

"You are 15 times more likely to have your identity stolen than to have your car broken into," says Todd Davis, chairman and CEO of LifeLock, an identity-theft protection company.

Two key challenges for travelers involve the use of unsecured wireless networks at hotels, airports and other public venues and the infiltration of smartphones through Bluetooth technology.

A couple of years ago, Marshall Goldsmith, a buyer and restorer of antiques in Las Vegas, discovered that a stranger had opened credit card accounts and a home equity line of credit in his name. His information was likely compromised while using the Wi-Fi network at an airport. Now his computer is set up so he can only gain access to it with an eToken, a device that authenticates passwords. "It costs more for the extra security, but I think that it's worth it," he says.

Many companies have taken measures to protect employees and sensitive corporate information, the Global Business Travel Association says. Many require their traveling employees to access company files through a secure virtual private network, or VPN. Others have invested in smartphones that can have their contents remotely erased.

But experts say workers must take responsibility for their own safety. "If you take the appropriate precautions, you reduce your risk dramatically because the criminals will move to easier prey," Davis says.

Do leave home without it

Experts advise that in preparing for a trip, you clear out your wallet before a thief does it for you. Travel with only two credit cards, one to walk around with and one as a backup to store in the hotel safe, says Steve Schwartz, executive vice president consumer services at Intersections. Social Security cards should also be left at home. Jot down the contact numbers of card companies and keep them in a secure place.

When booking airline tickets, hotels or other arrangements, use a credit card rather than a debit card, because it decreases your liability. And never announce on social networks that you're leaving town, if only to keep someone from breaking into your home.

"This time investment is minuscule in comparison to the time loss and pain caused by identity theft," says Denis Kelly, CEO of IDcuffs.com, an identity-protection service.

On the road

In many ways, mobile devices have done wonders for business travelers, but they've also put them at risk. For instance, thieves can pair their Bluetooth devices with yours to steal files from your smartphone. So if you're not using your Bluetooth, turn it off. Also beware when downloading applications, because many come with spyware or other malicious software, says Adam Levin, chairman and co-founder of Credit.com and Identity Theft 911.

Hackers also can easily get into computers. One method is a man-in-the-middle attack in which special software inserts a rogue user between the legitimate one and the unsecured wireless network. Experts recommend having updated anti-virus software, encrypting sensitive data and never typing in passwords or credit card numbers over an unsecured wireless network. Even fax and copier machines should be used judiciously, because they can store information, experts say.

Although many victims are able to recover their money, the average loss is still $631 per incident, according to a Javelin Strategy and Research Report earlier this year.

Kathryn Alice, vice president of a publishing company in Los Angeles, didn't lose anything when thieves tried to charge $25,000 on her credit card in San Jose, Costa Rica, while she was on business there in 2009. Her bank denied the charge. She now closely monitors all bank transactions and is careful on public Wi-Fi. "No harm done," she says, "but it was an eye opener."