It’s not a new health food craze - Juice Jacking is a way to steal your information straight from your cell phone or tablet while the device is still in your possession. Picture this: you’re at an airport and your flight has just been cancelled. You’re down to bare bones on juice (aka, battery power) on your phone but don’t have your charger, only the USB cord. Ah, but what do you see? A handy-dandy free power charging station! Where you might think this is your best luck all day, it could actually lead to criminals gaining all of your passwords, photos and other personal info stored on your device, including card numbers.
This new way to hijack your info starts with criminals tampering with these unsecured charging stations to install a small computer so that when you charge your device using a USB, it syncs with your device and siphons off all your info. This all happens while you sip your coffee waiting for your device to charge.
Once a device is sync’d to a computer, criminals can remotely access the phone again at any time in the future. And that’s not all; some researchers indicate devices are also infected with malware during the charging process (the gift that keeps on giving, but not in a good way.)
This is not just occurring in airports either, but free charging stations nationwide, including malls and bus terminals.
This isn’t really a new thing; alerts started circulating in 2011 when these stations became popular. However, since the number of reports of fraud from consumers and stations found to be tampered with have increased, I wanted to share a few safety tips when charging your device in public:
1. If possible, only use your charging cord plugged into a wall outlet.
2. Reality says we don’t always have our charging cord handy, and wall outlets (especially in malls and airports) are few and far between, so consider carrying a backup battery or personal quick-charger. I got a cool personal phone charger at a conference (vendor giveaway) that runs on a single AA battery. It doesn’t give me a full charge, but it will get me by for a while in an emergency. I just leave it in my backpack so I always have it with me while traveling.
3. If carrying your own backup is a hassle, you might want to invest in a power-only USB cord to use with public charging stations. These cords are missing the wires necessary for data transmission so they literally can only charge the device.
A final note - some security experts recommend that if you use free charging stations that you lock your phone (i.e. with a PIN or fingerprint) so the pairing / syncing can’t occur without the authentication measure. However, recent reports of criminals also using these stations to download malware on devices while you charge may render this ineffective, so until we know more, I wouldn’t rely on a PIN to protect your device in these circumstances.
Here's to happy go lucky, fraud free calls in your future.