A non-public advisory from the US Secret Service aims to inform the hospitality industry to rigorously check the computers that are usually accessed by hotel guests. The Secret Service warns that these computers are targeted by crooks by installing keystroke-logging malware as a way to steal the guests' personal and financial data.
On July 10, the advisory had been distributed to several companies that belong to the hospitality industry. The Secret Service recommends that hotels should limit the guest's usage of computers and discourage them from installing apps.
However, wiping the data in a PC after using it may not be successful at all times. Chances are, a dedicated crook would still be able to run a code using a CD or USB drive that would make one's deleting effort a futile step.
One part of the advisory reads: "In some cases, the suspects used stolen credit cards to register as guests of the hotels. The actors would then access publicly available computers in the hotel business center, log into their Gmail accounts and execute malicious key logging software."
The truth lies in the fact that once a skilled attacker has gained access to the computer's system, it's more likely that the computer's security will be compromised. This truth is just one of the "10 Immutable Laws of Security" that has been enumerated in Microsoft's TechNet blog. Another item says that "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore."
The art of remote computer hacking would need some basic skills to come out successful. However, compromising physical computers is as easy as quietly installing a keylogger through a USB stick. Keyloggers keep track of every activity done on a computer then transmit the data back to the malefactor.
The "good" news is that not every hotel has already been compromised. Still, it's best to know how one can avoid becoming a victim.
If the purpose of using the computer is only for browsing or researching for some information, then there is nothing to worry about that. When there's a need to use the computer for other purposes, it's therefore advised the one uses his own gadgets and devices.
One great way to avoid email hacking is by creating a throwaway email address. This can be done through either using 10minutemail.com or yopmail.com. One can use his newly created email to print data from his real email then forward it or file it to his throwaway email address. By doing this, one can safely retrieve any of his files from a public computer by accessing the throwaway address.
