Sign up for your FREE personalized newsletter featuring insights, trends, and news for America's Active Baby Boomers

Newsletter
New

Are They Crazy? No Traveler Should Ever Post This On Social Media. | Cruising Altitude

Card image cap

play
Here's how air traffic control systems manage flight paths
Technology behind air traffic control is essential for ensuring the safe and efficient navigation of planes. Here's what the operations entail.
  • Posting a picture of your boarding pass can make your sensitive personal data public.
  • Boarding pass information can be used by anyone to alter your flight reservation.
  • You should also avoid looking at sensitive information on public wifi networks when you travel.

We’ve all seen these social media posts. Your BFF is going on a trip to Europe, or a tropical beach resort, or some other far-flung place and they want to let all their internet followers know and be jealous. 

So, they take a carefully crafted pic of their passport, boarding pass, and the Prosecco they’re drinking in the lounge before jetting off and posts it to their Instagram grid. 

It seems innocent, but if their crappy ex is feeling vindictive, they may have opened themselves up to much worse than an inflight hangover courtesy of the Prosecco. 

Boarding passes contain a lot of information about you and your flights, and any nefarious internet person could use the information printed on a boarding pass post to seriously derail your travels, so it’s best to be careful about what you post. 

Essentially everything a bad actor would need to alter your reservation is printed on a boarding pass. 

Your full name, departure and arrival airport, frequent flyer information and booking record locator, known as a passenger name record or PNR, are all either right there in plain text or embedded in the document’s bar codes. 

“Some of it, like the frequent flyer number, can be trickier. You’re talking about getting access to a frequent flyer number and then that opens things to someone that has more malicious intent,” Krishna Sampigethaya, Chair of the Cyber Intelligence and Security Department at Embry-Riddle Aeronautical University told me. “If you put the PNR number and the last name, you get, voila, access to the booking.” 

Especially if your social media accounts are public, Sampigethaya said, anyone who sees your post would have access to that information and could log into your booking and change things without your knowledge. 

Even I have done stuff like this, to be honest. 

Not that I’ve gone in and altered a stranger’s travel itinerary, but recently my parents were flying somewhere and sent me their confirmation. I checked the seats they had selected against aeroLOPA’s diagram of the plane and moved them to a better location without telling them (sorry Mom and Dad, but also, you’re welcome!). 

Not everyone is such a good son, though. 

“You have to be aware of not publicly posting things that are barcoded,” Sampigethaya said. “Don’t post things that have your information in it unless you want it to be public.” 

Armed with the information on a boarding pass, he said that hackers or other bad actors could try to access your account and steal your frequent flyer miles, change your reservation or do “other types of mischief.” 

Boarding passes aren’t the only thing that contain your personal data when you travel, according to Sampigethaya, though he said bag tags and other documents typically contain less information and pose less of a data security risk than the passes. 

“The main concern is if someone is able to spoof the bar codes, they may be able to introduce bags that are not authorized into the supply chain,” he said. “Once the trip is over there’s not much one can do with the baggage tag.” 

Sampigethaya said it’s especially important to be careful about your personal data when you travel. 

Aside from not posting your boarding pass online, you should also be strategic about how you dispose of the document once you’re done using it. 

“If you discard your boarding pass without ripping off that part of the bar code, you are opening yourself” to problems, he said. 

Beyond that, Sampigethaya also suggests avoiding logging onto strange wifi networks while traveling if you can. 

“Don’t just get on the wifi because it’s advertised as free,” he said.  

Hackers sometimes set up seemingly innocent wifi networks in public areas and then skim user data from unsuspecting web surfers. 

“That’s a common problem at airports that passengers should be aware of,” Sampigethaya said. 

When I travel, I usually avoid looking at sensitive websites on hotel and airport wifi networks. For example, I typically don’t check my bank account balances when I’m on the road. 

Now, I’m not trying to make you too paranoid. You can still post fun, jealousy-inducing vacation pics and surf the web while you’re away, but it pays to be careful about exactly what you post and which websites you visit when you’re not at home. 

After all, not everything needs to be done for the ‘gram. 

Zach Wichter is a travel reporter and writes the Cruising Altitude column for USA TODAY. He is based in New York and you can reach him at zwichter@usatoday.com.

Back to Listing
credit: 
Recent

  • The Droids You’re Looking For: New Star Wars Experiences Announced At SXSW Read More

  • 12 Ways To Avoid Staying In A Bad Hostel Read More

  • Naked Woman On Southwest Flight Forces Plane To Return To Gate In Houston Read More