Airplane passengers are required to present their boarding passes in order to board, which can effectively prevent unauthorized individuals from entering the aircraft cabin. However, boarding passes contain personal information of passengers that can be easily accessed by scanning the barcode or QR code on the pass. Therefore, it is highly advised not to share photos of boarding passes online to prevent personal information from being stolen and potentially used for criminal activities.
According to aviation news website “Simple Flying,” many people nowadays share their travel photos or information, including boarding passes, on social media platforms without realizing the potential risks it poses to their online security.
Boarding passes typically include personal details such as name, address, contact information, booking details, frequent flyer information, passport and driver’s license information, which can be obtained by scanning the barcode or QR code on the pass.
Robinson Jardin, the head of social media and digital departments at NordVPN, told Forbes magazine that travelers should avoid sharing too much holiday-related information online, with one of the major concerns being boarding passes.
Jardin pointed out that the real issue with boarding passes lies in the barcode, as anyone can use free online software to scan the barcode and extract the information stored on the pass.
Kevin Roundy, Senior Technical Director and Researcher at Norton, told Travel+Leisure magazine that sharing boarding pass information online is akin to informing potential criminals about your upcoming vacation and signaling that you will not be vigilant in checking your bank accounts during that time. Revealing your holiday plans also indirectly informs thieves that your home will be unattended, providing them with an opportunity to break in.
Even if your home is not burglarized, sharing personal information from boarding passes online puts you at risk of identity theft.
Roundy explained, “Hackers can use barcode scanners to steal information from boarding passes shared online or left on airplanes and in airports. Depending on the airline, a barcode scanner can access a passenger’s airline account, email, phone number, and flight confirmation code, all of which can be utilized for phishing attacks.”
Once hackers obtain this information, they can manipulate flight bookings and engage in identity theft. This stolen information can also be used for targeted scams or sold on the dark web, fueling further identity theft, unauthorized purchases, and other illegal online activities.
Highly sensitive information includes Passenger Name Records (PNR) and frequent flyer numbers, which, when accessed, can allow hackers to modify or cancel flights without needing to crack the password.
To prevent the leakage of personal information from boarding passes, individuals are advised to:
– Avoid taking photos of boarding passes.
– Use electronic boarding passes whenever possible instead of paper copies. (However, electronic passes are not entirely secure from hackers either.)
– If sharing photos of boarding passes is unavoidable, blur or black out sensitive information, including the barcode and QR code.
– Refrain from sharing travel details on social media.
– Do not leave boarding passes behind on airplanes or at airports.
Forbes notes that the safest way to protect personal information is to avoid sharing travel photos or any content containing boarding pass details online while traveling.
In a previous report by Da Ji Yuan, a former British thief shared tips on ensuring home safety, emphasizing that sharing too much information, such as travel photos, on social media is a common security vulnerability that can attract thieves. Essentially, broadcasting your absence from home to the world may invite burglars to make a visit.