Criminals have plenty of opportunities to take advantage of the vulnerabilities inherent with travel.
Every time you hand your credit card to the hotel receptionist or the restaurant clerk, use the hotel computer to check email or surf a public Internet site, you put your identity at risk.
And while it's bad enough to discover someone is using your ID and credit when you're at home, it's far, far worse to make that discovery while you're off on a trip, a long way from home. Especially if you fly airplanes for a living. Trust me on this. I know from unhappy experience.
At the end of a fairly normal, multi-leg duty day I retrieved my flight bag from the back of the airplane to grab some cash to tip the hotel van driver and to check for voice-mail messages on my cell phone. I was surprised when I came up empty; neither the wallet nor phone were where I habitually stored them. Suddenly anxious, I started rummaging furiously through my flight case, but to no avail. Then I noticed my laptop was missing. A sick feeling came over me. When I told my crewmate that my stuff was missing, he began searching through his gear. Within moments he made the same discovery. We'd been cleaned out.
The realization that someone had boosted out valuables left us full of angry conjecture — we had one particular suspect in mind — but no solid conclusions or evidence. Of more immediate concern was the fact that we were both without any cash or credit cards. Our laptops were gone, as were our cell phones, so other than screaming, we couldn't communicate. Moreover, we had neither our driver's licenses nor ourairmen and medical certificates. We were in a bad way a long way from home.
The driver took us to the hotel and we apologized for being unable to tip him. Luckily the hotel reservation had been made on-line by our travel department and our company credit cards were in the reservation system. Normal procedure for the hotel front desk is to double-check a picture ID and get a hard copy of the credit card for the visit. The hotel chain was well acquainted with pilots from my company, and we were in our uniforms (which included our flight crewmember ID on a lanyard), so the customer service representatives allowed us to check in. That — and the fact that we were not on an international trip — were about the only positive factors in our otherwise unfavorable circumstances.
I didn't know it at the time, but American Express was already trying to contact me because of some “irregularities” noticed in my credit card spending over the previous 4 hr. However, since the thief had my cell phone, I never got the call.
Angry about my circumstances, I sat down in my hotel room and tried to remember which cards I had in my wallet. When a person is as upset as I was then, the memory banks get foggy. I recalled the “normal” cards that I use on an everyday basis, but was unsure of which other little-used cards I might have been carrying. As it turned out, there were two of those in my wallet. American Express recommends carrying only the bare minimum of credit cards for a trip, and now I understand why.
The U.S.recommends travelers make copies of their debit and phone cards, front and back, and include bank information, telephone PIN or password, customer service phone numbers, emergency contact information and account information. Document your cell phone or PDA account information and carrier contact numbers. The department recommends making two copies of this documentation, one to keep where you can access it easily and another to be left at home where a spouse or relative can retrieve it. Good advice, which of course I had not followed. Had I done so, things would have gone much more smoothly.
The backs of credit cards often have the customer service phone numbers to report a theft, but that does little good if the card is in the possession of the thief. The hotel had a business center where I used their computer to get on-line and look up the customer service phone numbers for the various credit card companies. When I called the various 800 numbers on the landline while sitting next to the computer, representatives at each of the companies followed their procedures to ascertain that I was indeed the rightful owner of the respective account. This involved answering a number of identity questions. The practical problem was that there were others in the hotel business center and the location of the telephone did not enable me to answer those questions discretely. My paranoia had peaked, and I realized how easily it would be for a person sitting nearby to listen in and note my answers.
As I went through shutting down the credit cards, I was happy to discover that reporting the theft quickly would alleviate most fraudulent charges. However, if I ever have to go through a high-level security clearance background check in the future, I'll be embarrassed at the criminal's purchases.
The creep had also called several of those 1-900-Talk-Dirty-To-Me phone numbers that any husband would never want his wife to see on the phone charges. The criminal had racked up eye-popping charges in just a short time.
In my rush to stanch the red flood of credit card fraud, “Murphy's Law” struck back. My wife was in Ireland at the time on a business trip. She needed to refill her car with diesel and return it the next day to the rental car facility for the flight home. Since this was the end of her trip, she had dutifully used up almost all of her euros. When she pulled into the gas station 5 min. before closing time at midnight, the gas pumps wouldn't accept her credit card. She tried another. It, too, didn't work. The station attendant was frustrated waiting for this “foreigner” to hurry up and finish refueling the car. His language was Polish. My wife is multilingual, but Polish isn't one of her languages.
So, consider her circumstances: It's midnight; she's alone in a foreign country; she needs fuel but has only a couple shillings in her pocket; her credit cards suddenly aren't working for reasons unknown; and her departure time is looming.
Naturally, she pulls out her cell phone, punches in my number, her mind chock full of questions and concern. The phone rings and rings, but her husband fails to answer, and she gets more angry with each unanswered “Brrrinngg!”
Lesson number umpteen I painfully learned from this experience: If you are going to shut down your credit cards, don't leave your spouse stuck in Europe without a working credit card to complete the rest of her trip!
Many financial organizations recommend that you regularly monitor your accounts and immediately report any suspicious activity. To road warriors, this means checking your account activity while on the road, likely using a Wi-Fi signal in a hotel, airport concourse or Internet cafe. The U.S. Federal Trade Commission (FTC) has assembled a collection of information to warn us of the threat of identity theft. Those using public Wi-Fi risk having their identity stolen by another person sharing the same connection. Anything you do on a public connection is less secure than when you are logged in at home or the office. The only information that gets encrypted on public Wi-Fi is your log-in.
While commercial services routinely encrypt their websites so they are more secure than email, hackers are able to use “cookies” from your email and social network sites to steal credit card and other personal information. This allows hackers to “sidejack” you, pretending to be you and gaining access to your personal data.
To prevent cookie sidejacking when using public Wi-Fi, experts recommend using mail websites that encrypt data. Gmail has been encrypting its mail since January 2010. You can tell if a website is encrypted if a small padlock icon appears to the right of the site's address in the address bar of the web browser. Also, look for “https” in the URL since the “s” means that the web traffic between your web browser and the website in encrypted, and thus the site is secure from any hackers trying to intercept the message.
Internet thieves have learned how to re-direct your Internet request to a fake website where they can extract your information. Make certain you are logging into the hotel's Wi-Fi network, and not a fake hotspot. Scammers often create a name that is very close to that of the desired network, so be safe and assume any Wi-Fi connections are being monitored. Using official access keys or security codes provided by a known establishment will help protect you from false Wi-Fi sites.
Moreover, don't stay permanently signed in to accounts. When you've finished using an account, log out. The American Express website advises using the “remember your User ID” on your own computer, so when you return your User ID will automatically be entered into the Sign In box. A fraudulent website will not be able to display your User ID, letting you know you are not on the genuine website. You should not use the “Remember Me” functionality on a public or shared computer, such as those hotels make available to their guests.
Mobile device users should make certain they have downloaded all security updates for their operating systems. Use virtual private networks (vpn), which encrypt all information, making your communications more private. Using a paid Wi-Fi connection has some value as this offers an added layer of protection.
Smart phones are also prone to sidejacking attacks when the device switches from a cell phone carrier to a wireless hot spot. It is recommended that you go into the settings on your phone and turn on the encryption.
Don't pay bills, use credit cards or conduct financial transactions at public Wi-Fi hotspots. Never email your credit card information, even if a merchant is asking. Be careful which Internet links you click because some can download and launch malicious programs on your computer. Use tools such as McAfee Site Advisor to alert you to malicious websites before you click. Avoid corresponding with strangers behaving suspiciously or click on short URLs since these can hide malicious websites. Other precautions from the FTC include making sure your firewall is turned on, and your virus and malware protection are up to date.
Password protection is vital. American Express warns its members to avoid using easily available information such as date of birth, or the last four digits of your Social Security number when creating passwords and personal identification numbers. Use different passwords on your banking and brokerage accounts, and update all of your passwords regularly. Use strong passwords composed of 8 to 20 letters, numbers and symbols.
Savvy thieves have learned to use social networking websites to gain access to your valuable information. Experian ProtectMyID commissioned a study in 2011 that found one-fifth of respondents posted their travel plans on social networking sites. When data thieves get this information, all they need to do is look up a traveler's home address online and steal any mail containing information that can be used to commit ID theft.
Identity-theft can easily occur “the old-fashioned way” too. According to the State Department, the most common crime encountered when traveling overseas is pickpocketing. Practitioners congregate wherever there are crowds or bottlenecks: on escalators, subway trains, at turnstiles, or at the doors of packed buses or subway cars as people get on and off. While traveling, make an effort to remain alert for pickpockets or thieves.
You are most susceptible in crowded sites where tourists are focused on something else. Tourists are often targeted by individuals and small groups of thieves working together. Street performers will work in concert with thieves to hold your attention while pickpockets rob you. Be careful about people who approach you. In public places such as airports, train stations, bus stations and markets, you should exercise special care in safeguarding valuables against pickpockets. Guard your valuables (especially purses and bags) while visiting busy cafés and restaurants. Do not leave valuables unattended in vehicles, and make sure car doors are locked at all times. Your money, credit cards and forms of ID should be in a secure place, such as in a money belt worn close to your body.
Consider carrying a “dummy” wallet, filled with loose change and a few small bills. Several informative websites suggest saving the fake cards that come with credit card solicitations in the mail and put those in the dummy wallet. If held up, you can surrender the dummy, and the thief won't realize he's been fooled until after the two of you have parted ways.
There are other “common sense” pre–cautions that you should firmly follow. For instance, never count money or wave cash around in public. Count your money behind a closed door such as in your hotel room or a rest room, not at the café or on the street. Never let your credit card out of your sight, and never use your credit card on a public computer.
If you do want to carry a bag, carry only enough cash in a fanny pack or over-the-shoulder bag to cover expenses for one day, and be sure the bag zips. Wear a shoulder bag over both the head and shoulder and in the front, not at the side. Never let your bags out of your sight. Always keep a leg or arm tucked through the daypack. Don't hang your backpack over a chair at the café. Use small combination travel locks on your bags. Once through airport security the bags should remain locked, especially while riding on trains and buses. Even a small daypack should be kept locked.
Our personal conduct on the road can expose us to additional danger. The State Department warns that especially late at night near bars and night clubs, foreigners have been subjected to scams, or have become involved in altercations (some violent) with drunks. One late night scam has involved attractive women enticing tourists in a reputable bar to visit a nearby bar where they are grossly overcharged. A number of travel websites specifically advise travelers to remain sober.
Try to pack your valuables in a piece of luggage that you will carry with you the entire time. Forgo anything flashy, brand-labeled or attention-drawing. Wear modest jewelry, if any, and do not advertise any expensive shopping trips. Pack light so you aren't bogged down with having to carry a bunch of items. Inquire if the hotel has in-room safes to store valuables during your stay. If that isn't available, ask about a hotel safe or guest lock box. Hopefully the hotel safe allows you to set a new combination. Longer combinations offer better protections. Never use a safe that requires a key provided by the hotel, as there may be untold copies circulating among staff and former guests. Before your trip, document your valuables. Take pictures of your camera, iPod, jewelry and other valuables. Note serial numbers and other information for possible insurance claims.
Theft is the most common crime committed in hotels. Try to get a room that isn't near a stairway or elevator and is not on the ground floor as this reduces foot traffic and the risk of strangers prowling around. If the clerk announces your room number for anyone else to hear, ask to be reassigned.
Hotel employees are the biggest culprits for these petty crimes, so effectively hiding valuables is an important preventative measure. Take advantage of all of the locks in the room. Higher grade hotels generally have more protection measures in place.
Hang the “Do Not Disturb” sign on the door. Keep the room and your items tidy so that any disorder would be conspicuous. Do not leave any valuable items out in the open. Tape items underneath the desk or side tables. Place cash within the pages of a book or telephone directory. Hide items in plain sight by keeping important documents concealed in a pile of restaurant menus and travel brochures. Throw valuables in truly dirty clothes such as underwear. Use a “diversion safe,” such as a fake can of shaving cream or hollowed-out paperback, to store valuables. These are available at security shops and online.
Keep suitcases locked. Use a cable lock to tether your bag to something stationary. Use small zipper locks to prevent entry into your bag as well as slash-proof panels to keep thieves from tearing it open. Secure or remove valuables from your rental car as well. Lock the rental car doors.
Incidentally, if you do become the victim of theft while on a trip, insurance websites recommend reporting the theft to the police so there is an official report to enhance the likelihood of reimbursement of the loss.
Having your cash and credit cards stolen when away from home is bad, but having your identification documents lost or stolen is worse. As I sat in the hotel trying to figure out how I was going to airline home, I realized that without a government-issued photo ID, I would be unable to get past theagents handling airport security. Yes, I did have my company-issued ID with my picture, but adult passengers over 18 are required to show a valid U.S. federal- or state-issued tamper-resistant photo ID that contains your name, date of birth, gender and an expiration date.
The TSA says not having an ID does not necessarily mean a passenger won't be allowed to fly. Alternately, passengers can provide at least two other forms of identification, such as a Social Security card, birth certificate, marriage license or credit card. At least one of these documents must contain one of the following: date of birth, gender, address or photo. In reality, none of us carries the former three items on the road (nor should you!), and if your wallet has been stolen, you won't have credit cards to help establish your identity.
The TSA's website states that other means of substantiating your identity can be used, such as using publicly available databases. Once the TSA confirms your identity, then you may enter the secured area, with the caveat that you could be subject to additional screening. (For more information, see the TSA's “ID Requirements for Airport Checkpoints” website.) If you are attempting to use an alternate method of establishing your identification for TSA screening, it is recommended that you show up much earlier at the airport to allow TSA the extra time this will take.
Any pilot absent credentials through loss of theft while on the road is basically grounded immediately since the regs prohibit anyone from operating an aircraft without having their pilot certificate, medical certificate and a valid government-issued photo identification on their person.
Getting a temporary replacement of your FAA pilot certificate can be done on-line. The easiest way is to insert “lost/replace pilot medical certificate” into the search engine. It will direct you to the FAA website that answers this specific problem. To get a replacement copy of your medical certificate, you can submit AC Form 8060-56 (the link is available on the website) to the Aerospace Medical Certification Division's address on the website, and that unit can fax back a record of the lost certificate that is valid for no more than 60 days, which should be enough time to receive your replacement certificate.
Replacement of an airman certificate is relatively easy to accomplish in the same way. Insert “replace lost airman certificate” into your search engine and you'll get to the FAA's link. If you want to request a replacement certificate on-line, you will be required to register with Online Services. The other option is to mail the request to the Airmen Certification Branch.
Losing one's driver license while traveling may leave you out of luck, however. In order to get a duplicate license, you'll need to visit your state's Department of Motor Vehicles (DMV) in person, where the personnel will verify your identity before issuing a replacement. Most states' DMV websites require bringing along acceptable proof of identity. Unfortunately, if your primary means of identification (driver's license and passport) have been stolen, you will need to find other supporting documents such as an original birth certificate and Social Security card to find sufficient alternative documentation to prove your identity to the DMV.
Having your passport is an absolute necessity when outside your home country. If you lose your passport or other identification documents while traveling internationally, get in touch with the nearest embassy or consulate immediately. If you have copies of your documents, that will expedite the replacement process. Domestically, report your lost or stolen passport by phone or using a State Department form that is available on the Internet.
Losing my laptop was just as frustrating in this event. I basically “live” on my laptop. At any one time I probably have 20 draft articles for BCA stored on it, plus hundreds of research files, emails, spreadsheets, etc. Luckily when I get home from trips I habitually back up the files onto a separate hard drive. When I took that hard drive to the Apple store, the folks there were able to transfer all of the files onto the new laptop. It is recommended that you remove sensitive data from your laptop before traveling. Protecting your laptop and other communication devices with passwords is of course a prudent step if they carry sensitive information.
A quick review of theAviation Safety Reporting System files revealed one business aviation trip in which an FBO lineman off-loaded all the bags from the aircraft and put them in the passengers' vehicles. Unfortunately, the pilots' bags were among them. The good news is that the crew bags were later discovered and returned. The bad news is that the flight crews had subsequently operated an aircraft without their documents.
In the end, my wife was assisted by a stranger who quickly turned into a friend. In true Irish fashion, they speculated as to whether they were related during their trip up to Dublin to catch the flight home. I, too, benefited from the kindness of strangers, namely customer service representatives, and managed to get home days later by deadheading on one of our company's aircraft on a ferry flight to an airport relatively close to home and then having a friend fetch me and finally deposit me at my front door. The financial damage of the stolen credit cards was kept to a minimum thanks to the aggressive security screening by the credit card companies themselves and by my prompt reporting of their disappearance.
The consequences of the identity theft could have been worse, and yes, my experience has made me more attentive to the need for identity theft protection. Websites for vendors that provide identity theft protection contain further advice on how to protect oneself from this growing crime. Criminals have become resourceful in their ways to gain access to our identity information.
In the meantime, if anyone has sugges–tions as to how a husband can redeem himself after stranding his wife in a foreign country late at night without any means of support, please send them my way. You've got my name and know where to find me. Thanks. BCA