When you’re a small business owner, a business trip or vacation probably leaves you scrambling until the day of departure to make sure everything will run smoothly at the office while you’re gone. Though you may be worried about what’s going on at the office, your own actions while you’re on the road may inadvertently open you or your business to fraud.
You can’t protect yourself or your business against every worst-case scenario. But there are some simple steps you can take to minimize the likelihood of problems when you travel. Here’s a quick guide.
1. Carefully Connect
For most business owners, the idea of disconnecting completely during travel— including vacations— is an unlikely fantasy. You’ll probably check in frequently, and when you do, you want to make sure your business and personal information is secure.
Number one on that list is being careful when you connect to public wifi. You’ve heard the warning about wifi safety before, but perhaps you’ve ignored it and thought, “I will look into that before my next trip.” But that could be an expensive mistake.
Don’t take chances. When you use public wifi, whether from your hotel or coffee shop, use a VPN (virtual private network.) There are plenty to choose from, so take a few minutes to sign up for one, and install it on your mobile phone and any laptops or tablets you use when you travel. Another alternative is to use your own hotspot (on your phone or a separate one) to connect securely. If you go that route, make sure you have plenty of data— and that you can use it in the locations you’ll be traveling to— so you aren’t tempted to use public wifi “just this once.”
If you do connect directly to public wifi for tasks where you think security isn’t a major issue, say to read the news or generally surf the web, make sure you are using an encrypted one (https: not http:, and indicated by a locked padlock) and verify the name of the network before you log on. Scammers can name a network to look like an official one.
Another tip: If you use a password manager like LastPass set security restrictions such as two-factor authentication, restrict authorization to specific countries (which you can update before and after international trips), keep activity hidden with a secret email address, and more. 1Password lets you set up “travel mode” which allows you to identity “vaults” you choose as safe for travel. It removes the rest until you turn off travel mode.
2. Use the Right Plastic
Of all the ways you can pay for your travel expenses, credit cards are the safest. Personal debit cards carry higher liability limits under federal law if they are lost or stolen, and business debit cards are not covered by federal law in the case of fraudulent use. (Here’s why you may want to ditch your business debit card.) Although you’ll probably want to keep a little cash on hand for tips or small transactions, your best bet, safety wise, is to charge as much as possible to your credit card and avoid carrying cash money that could be more easily stolen.
In addition to the safety and security benefits, credit cards can also help you track expenses, meaning fewer headaches when you return and need to file expense reports. If you are traveling abroad, choose a card with no foreign transaction fees, if possible.
3. Monitor Your Financials
Set alerts for your financial accounts, including bank accounts and credit cards, to alert you to out of normal activity. If you set alerts for high dollar amount purchases, though, keep in mind that some crooks will first place small test purchases. It’s wise to check your full account activity on a regular basis, if you can do so securely.
It’s also a good idea to keep track of your personal and business credit scores. A dramatic change in either could indicate something’s gone awry: you or an employee forgot to pay a bill, for example. It can also tip you off to the fact that you or your business has become a victim of identity theft. Remember that unlike personal credit reports, you can’t freeze your business credit reports.
Fight back against ID theft. Get $1 million in personal identity theft insurance with a Nav Premium account. Sign Up Now.
4. Educate Your Key Employees
Your employee receives an urgent message from you requesting that you wire funds to complete a business deal you’ve cemented on your overseas trip. Or you get a urgent request from one of your employees for a wire transfer to one of your key suppliers for a rush order. Careful: your firm could be the latest target of crooks that have successfully ripped off other businesses.
Your employees— or even you, as an executive— may be vulnerable to sophisticated Business Email Compromise (BEC) and Email Account Compromise (EAC) attacks designed to steal money from your company, usually through wire transfers. These scams are serious and frequent enough that the Internet Crime Complaint Center (IC3) now tracks them as a separate type of crime. Between June and December 2016, U.S. financial recipients reported losses of $346,160,957 in these types of scams to the IC3.
As an IC3 bulletin describes it:
…The subjects monitor and study their selected victims using social engineering techniques prior to initiating the BEC scam. The subjects are able to accurately identify the individuals and protocols necessary to perform wire transfers within a specific business environment. Victims may also first receive “phishing” e-mails requesting additional details regarding the business or individual being targeted (name, travel dates, etc.). (Emphasis added.)
Educate key employees on these scams and determine a way to verify legitimate requests from you, or to you, whether that’s a secret phrase or secondary source of verification. Be especially careful of communications that urge you or your employees not to share this information with anyone else. Consider setting up two layers of approval within your company in order to prevent a single employee from either making a dumb mistake, or intentionally defrauding your firm. And while you’re at it, don’t communicate your security procedures through email, which could be compromised.
5. Be Very Cautious on Social Media
When you announce to the world that you’re traveling, scammers can pick up on that information. As the previous example illustrates, they may create an urgent request from “you” to have emergency funds wired to you, or to a bogus client. Or they may compromise your email or social media accounts to send an urgent, “Help, I’m stranded/been arrested/need emergency medical attention email.” Details of your travels plans become valuable weapons in their attempt to appear legitimate.
Think twice about posting travel plans on social media. If you must share, make sure you are using a secure connection when you access your accounts, don’t post details (“Looking forward to dinner at Le Stella tonight!”) and consider waiting until after you’ve left a location to post photos.