Why You Should Never Share Photos of Your Boarding Pass on Social Media
Why You Should Never Share Photos of Your Boarding Pass on Social Media
We get it — sometimes you're just so excited to go on vacation, you simply have to take that classic photo of your boarding pass and passport and post it on social media. We hate to burst your bubble, but that's not the best idea. Boarding passes contain quite a bit of personal information, and if that information gets into the wrong hands, you're in for a bumpy ride.Get more news about boarding pass manufacturers,you can vist our website!
Your boarding pass always shows your full legal name, your ticket number, and your passenger name record (PNR), which is the six-digit alpha-numeric code that is unique to your booking. "Using the PNR and your last name, a hacker can have full access to your booking information, which will give them access to your phone number, email address, and emergency contact information," says Amir Sachs, founder and CEO of cybersecurity and IT company Blue Light IT. It can also lead them to your frequent flier number, Known Traveler Number (associated with Global Entry and TSA Pre-Check), and redress number (associated with the Department of Homeland Security's TRIP program).
With all this information, it's easy for anyone to change your booking. In fact, you only need a name and PNR to change or cancel flights online, no password necessary. And if someone hacks into your frequent flier account — which does require a password — they could easily steal your hard-earned frequent flier miles. But these aren't even the worst issues you might encounter if someone steals your details from a boarding pass.
"Your frequent flier number, name, and PNR are valuable for identity theft, enabling fraud like opening credit card accounts or making unauthorized purchases," says Josh Amishav, founder and CEO of data breach monitoring company Breachsense. "Hackers can employ social engineering techniques, pretending to be airline representatives to trick you into revealing more personal data. They can also create targeted phishing attempts using your boarding pass info, leading to clicking on malicious links or sharing sensitive data."
These dangers aren't only linked to posting your boarding pass online. You might want to skip the printed boarding pass altogether to reduce the risk of data theft from a discarded or lost slip. "Consider using a mobile boarding pass to ensure no physical copies will be left behind in your plane seat pocket, boarding area, or somewhere else where scammers can easily grab it," says Kevin Roundy, researcher and senior technical director for cyber safety brand Norton. Of course, travel apps can be hacked too, so digital boarding passes aren't entirely safe either. If you do opt for a printed boarding pass, it wouldn't hurt to shred or tear it up before you throw it out.
Sharing your boarding pass details could have consequences beyond travel-related theft and scams, too. "You’re tipping off scammers that you’re about to be on vacation, meaning you might be less diligent in checking your bank accounts for any unusual activity," says Roundy. "Additionally, letting people know you’re on vacation means you’re also sharing that you’re away from home, as well as the dates you’ll be out of town, leaving your home at risk of physical security threats like break-ins."
While you might get lucky and avoid any issues, we don't think it's worth the risk to post a photo of your boarding pass online. If you're dead-set on posting that photo, make sure you take safety precautions before doing so. You can artfully stage your photo so that none of the identifying information is visible, or you can use photo-editing software to blur out that information. And that includes the barcode. "Hackers can use barcode scanners to steal information from boarding passes shared online or left behind in airplanes and airports," says Roundy. "Depending on the airline, a barcode scanner can unveil a flier’s airline account number, associated email and phone number, and your flight’s confirmation code — information that could all be used to make a phishing attack look more realistic."
评论
发表评论