while it may make a cute vacay pic, posting on social could give hackers all they need to rip you off.
by rick richardson
technology this week
any pictures of your boarding pass should be excluded when choosing which travel photos to share on social media.
the documents may appear to be nothing more than travel souvenirs outside of their primary use at the airport, but they are much more informative than many travelers realize.
more tech this week: chatgpt passes cpa exam on second try | smartwatch saves two lives | first e-road charges electric vehicles as they drive | stanford scientists 3d-print heart tissue | four of today’s new technologies that will be tomorrow’s ‘norm’ | cyber insurance costs rise in health care as attacks soar | phishing attack hackers have a new trick
exclusively for pro members. log in here or 2022世界杯足球排名 today.
if cybercriminals can get a picture of a boarding pass, they can exploit travelers in several ways.
even while the information on the documents appears to be sparse, bad actors “can very easily bring up the rest of the things they need to know about you from public records, like your date of birth, your address, your phone number, or your email address,” according to amir tarighat, ceo of cybersecurity company agency.
“frequent flyer miles are actually really easy to steal, and they don’t have the same protection that banks have,” tarighat said, adding that travel accounts are commonly sold on the dark web.
hackers may be able to access your account using information from a boarding pass, such as your rewards account and confirmation numbers. according to tarighat, information can also be removed by third parties using the barcodes on boarding passes.
according to him, social engineering assaults, which are ” tricking people,” can also be created using the information on the boarding pass.
so, he explained, “you might work for a company, and someone notices that, ‘oh, this individual is traveling. they can use that knowledge to trick you into doing something by sending spam, phishing and social engineering emails to other firm employees saying things like, “amir’s in paris this week” or something similar. this can entail granting them access to a specific account or sending them money.
the details may also leave behind digital breadcrumbs that attackers can use to trace the traveler’s web connections and launch additional attacks.