Secret Service issues security warning for mobile users

The U.S. Secret Service has sent out a security notice for public computer terminals – and sharing that information with road warriors could help you keep them and your company’s info safe. 

In an advisory to the hospitality industry, the Secret Service warned that keyloggers have been found on some public terminals and business center computers at hotels.

Cyberthieves book a room (often using stolen credit cards) then install the malware on public terminals. This is used to capture each keystroke, which can reveal:

  • credit card information
  • account usernames and passwords, and
  • other sensitive material.

While these terminals usually have some security features built in that prevent installing or downloading software, they’re still vulnerable. USB drives and CD drives all but guarantee that a reasonably skilled hacker could eventually get around these security measures, according to Krebs on Security.

Levels of trust in public

Mobile technology has made business centers less necessary in most cases. Email or documents can be checked quickly on phones or tablets.

But clearly they’re still in use – hackers wouldn’t waste their time and resources booking hotels to install the malware on them otherwise.

Regardless of whether it’s a hotel, WiFi hotspot or public place, here are some keys to pass along to mobile users.

  1. Above all, protect devices. Don’t let a laptop, phone or tablet out of your sight. Thieves can make off with an unguarded device in a matter of seconds, or, if they’re particularly bold, attempt to install malware on it before you get back.
  2. Avoid public WiFi. A fake or malicious network could be set up to trap users looking to take advantage of free WiFi – especially in crowded places like hotels, conference centers or cafes. At the very least, VPNs should be used if any work needs to be done on a public WiFi network. A better rule is not to use anything at all.
  3. Even email is risky. If you’re using a public terminal at a hotel or elsewhere, use it for quick searches or finding directions at most. Checking your email may seem harmless enough, but it can lead to all kinds of stolen information. And if you’re printing a boarding pass, remember that may require a social security number, credit card number or other information you wouldn’t want falling into the wrong hands.