Robinson Jardin, the head of social media and digital for NordVPN, told Forbes that travelers should avoid sharing too much vacation-related information online. As Jardin highlights, one of the biggest issues lies not with personal information typed out on a boarding pass but within barcodes. "When it comes to boarding passes," Jardin said, "the real issue is barcodes. They can be read by pretty much anyone with free software online."
Modern airline boarding passes commonly feature barcodes or QR codes that store a wealth of information. Beyond personal identification and contact details, these codes often contain your reservation number, frequent flyer ID, and sometimes your passport or driver’s license number.
Kevin Roundy, a researcher and senior technical director for Norton states as reported by TravelAndLeisure: "Hackers can use barcode scanners to steal information from boarding passes shared online or left behind in airplanes and airports. Depending on the airline," he added "a barcode scanner can unveil a flier’s airline account number, associated email and phone number, and your flight’s confirmation code — information that could all be used to make a phishing attack look more realistic."
Once hackers access this information they can manipulate flight bookings engage in identity theft employ social engineering tactics launch targeted scams sell data on the dark web leading to further identity theft unauthorized purchases other cyber activities
According to Josh Amishav Founder CEO Breachsense data breach monitoring company "Your frequent flier number name PNR are valuable for identity theft enabling fraud like opening credit card accounts making unauthorized purchases Hackers employ social engineering techniques pretending airline representatives trick revealing more personal data create targeted phishing attempts using your boarding pass info leading clicking malicious links sharing sensitive data"
The most sensitive information obtained from a boarding pass image includes the Passenger Name Record (PNR) frequent flyer number Armed with PNR hackers access passengers’ airline accounts alter cancel flights without cracking passwords Publicizing vacation plans also leads physical security threats burglaries targeting unoccupied homes
Travelers protect themselves several ways Forbes states best safest option simply avoid posting travel photos while still trip avoid sharing images containing boarding passes altogether
Opting mobile boarding passes securely discarding printed passes help mitigate risks Even so digital boarding passes aren’t impervious compromise if photo containing a boarding pass must be shared blur identifying details delay any sharing until returning home Minor details exploited cross-referencing public records data breaches Protecting oneself against social engineering attacks requires vigilance thoughtful disciplined approach what gets shared online Customers alert travel dealings scammers continually finding new ways target people personal information money
What other cybersecurity travel risks should people be aware of? How can travelers better protect themselves their sensitive information while away from home? Let us know your experiences in the comments section.
Alerts Sign-up
