Don’t have a VPN? There’s Tor, software that prevents third parties from seeing your location or the sites you visit. “It’s totally free and fairly easy to use,” said Professor Heninger, who uses Tor. The software can be downloaded at Torproject.org.

3. SIGN UP FOR TWO-STEP VERIFICATION. More and more sites — Facebook, Twitter, Yahoo, WordPress — allow users to set up their accounts so that signing in requires two ways of proving who they are. The most common method requires a password you create plus a code that is sent to you — via text message or through a special app — each time you wish to sign in.

For instance, let’s say you logged onto a fake Facebook page and hackers captured your user name and password. If that happened without two-step verification (known on Facebook as “login approvals”), the hackers could access your account when you log off. If, however, you had enabled login approvals, even though your user name and password were captured, the hackers would not be able to log into your account because they wouldn’t receive the requisite code. Now, if you’re someone who uses the same password for everything, this is where you still run into trouble. Here’s why: If your user name and password for Facebook are the same as those for another website that does not have two-step verification, hackers might figure that out and break into your other accounts. Yes, I know, you can’t keep all your passwords straight. That’s why there are password managers like 1Password and LastPass, which can create and store long, unique passwords.

4. BRING ONLY WHAT YOU NEED AND TURN OFF WHAT YOU’RE NOT USING. The latter goes for Wi-Fi and for Bluetooth. “It’s just another way to be compromised,” Professor Heninger said.

And don’t give away your email address or download an app in exchange for free Wi-Fi.

“Think about the recipient of that information,” she said. “You have no idea who set up that Wi-Fi network,” she continued, adding “You might have just downloaded an app that will download all your contacts.”

When it comes to travel booking and organization apps, one security concern is how much of your personal information the app is sharing, and with whom. Professor Hong said that, in general, apps that charge a fee are better because they have a revenue model. Those that do not are more likely to sell your information. He added that whether they are free or not, apps are also a potential security risk because they do not always encrypt your data when communicating to Web servers.

If you’re seriously concerned about security, Professor Heninger suggests creating a special travel email address and password. And she recommends buying a “travel laptop” that you load with only the information you need.