In 2024, the tourism sector recorded an increase of 11% over 2023, reaching 1.4 billion international travelers. With the sector projecting a growth of 7% annually over the next decade, cyberthreats are also likely to rise. Cybersecurity expert at Surfshark, Miguel Fornés warns that as the industry grows, it becomes more attractive to cyber criminals due to its increasing reliance on digital systems. This shift creates endless opportunities for malicious actors to exploit vulnerable individuals as even casual internet browsing or using free public Wi-Fi can lead to stolen accounts or identity theft.
Many places, such as airports, hotels, or coffee shops, offer free public Wi-Fi to help people stay connected. Unfortunately, this provides hackers with a great opportunity to take over travelers’ devices or steal sensitive information. “The main problem is that people often freely use public Wi-Fi without thinking about the consequences. They use it for online banking, social media, accessing other private accounts without worrying that their data becomes also free and open to hackers when they are connected to a free public Wi-Fi,” says M. Fornés.
For example, in Paris, one of the most visited cities in the World, 1 in 4 public Wi-Fi networks lack sufficient encryption. This creates an opportunity for someone to spy on internet activity, which could lead to privacy concerns, leaked personal data, or financial loss. Moreover, a crowded space is a perfect scenario for fake Wi-Fi hotspots — deployed to steal sensitive information that people may transmit while connected to this bogus signal. “It is recommended to use your own cellular data when possible. Otherwise, turn on a personal VPN to add a layer of security when the Wi-Fi signal cannot be trusted. Keep in mind that a widespread threat is typically found in airports and innocent people could become a victim of juice jacking. This tactic involves fake USB charging stations disguised as part of the station commodities, which load malware once your device is plugged in, or request installation of apps to charge your device,” says M. Fornés.
Another threat that is causing travelers to pay attention is phishing sites. According to EMPACT 2023, authorities launched a remarkable 6,269 investigations into online fraud schemes and made 1,018 arrests, indicating that being online is not always safe. “Phishing sites are difficult to shut down because they can be set up quickly and often migrate to countries with different laws. Whether traveling or just opening links at home, it’s important to be cautious and use strong security practices to protect yourself from these scams. To avoid phishing websites, always verify the URL before clicking, look for secure connections indicated by 'https,’ and be cautious of unsolicited emails or messages asking for personal information. Additionally, keep your browser and security software updated, enable two-factor authentication where possible, and never provide sensitive information unless you are certain of the recipient’s legitimacy,” says a cybersecurity expert.
Increasing vulnerability in the hospitality industry
IBM reports that the transportation sector is responsible for 5% of global data breaches in 2024. Meanwhile, the hospitality sector accounts for 4%, doubling since 2022, indicating that your data may not be entirely secure with these companies. “To stay protected, share only necessary information, ensure using the official website and/or airline app, and avoid clicking on unsolicited emails, SMSs, or even social media accounts purportedly belonging to travel companies. This way, if a data breach occurs, it will have a less significant impact. The same care should be taken when sharing personal data as when carrying out monetary transactions, as it can become a link between a person and their money,” says M. Fornés
ABOUT SURFSHARK
Surfshark is a cybersecurity company offering products including an audited VPN, certified antivirus, data leak warning system, private search engine, and tool for generating an online identity. Recognized as a leading VPN by CNET and TechRadar, Surfshark has also been featured on the FT1000: Europe’s Fastest Growing Companies ranking. Headquartered in the Netherlands, Surfshark has offices in Lithuania and Poland. For information on Surfshark’s operations and highlights, read our Annual Wrap-up. For more research projects, visit our Research Hub.
