Charging stations in airports, bus & train terminals, hotels, and shopping malls.
These are all the places where many people will be charging their electronics. Hackers can insert malware or spyware into your electronics through “dirty charging ports.” Beware that charging your electronics in one of these places with just a USB cord could lead to an empty bank account or much worse.
The problem with using these charging stations, which are very convenient, is that they can leave your electronics susceptible to a cyber-attack. This is known as “Juice Jacking.” This is where you are plugging your phone or another device into an already compromised power cord, power strip, or charging station, putting your device at risk.
This is not new.
Juice jacking has been an issue and warned about by the Federal Communications Commission (FCC) for several years. The FCC explains that your electronic devices can be maliciously attacked while being charged. This maliciousness can lock a device or export your personal data and passwords directly into the hacker’s hands. They can then use this information to access your accounts online or even sell your information to others on the dark web. There have been reports of these criminals intentionally leaving compromised cables at the charging stations already plugged in. So, you think, ah, an extra cord, but every device you plug into with that cord will be compromised. There are also instances where infected cables with malware have been given away as promotional gifts.
The FBI has previously warned travelers and others about the risk of using hotel wireless networks. Attackers target hotels and are focused on obtaining records of guests, such as their names, personal information, and credit card numbers.
The draw of the hacker to the hotel environment is that there are many unaffiliated guests, all operating in one area and using the same wireless network. The guests cannot monitor the wireless network security, which leaves them vulnerable. Here the guest is leaving themselves open to hackers monitoring the guest’s internet browsing or even redirecting them to false login pages. Then there is the “evil twin attack,” where the hacker creates a malicious network. This network will be similar to the hotel’s real network name. The guest can then mistakenly connect to the evil twin network instead of the hotel’s, giving the hacker direct access to your computer, tablet, or cellphone.
When traveling, anytime you are using Wi-Fi or Bluetooth connections and you make a financial transaction by logging into your bank account, even if it is to move money around or use credit cards to purchase items, you are opening yourself up to money being stolen, your credit cards being hacked, or your identity being stolen. Remember that the convenience of public Wi-Fi can be extremely risky.
What to do:
- Always carry your charger and USB cord and securely charge your electronic devices using an electrical outlet, not a USB port.
- Bring your own AC and car charger.
- Carry a portable charger or external battery.
- Consider a charging-only cable, which will prevent data from being sent or receiving data while charging.
- If you have no other option but to plug into a USB port for charging and a prompt appears asking you to select “share data” or “charge only,” always choose “charge only.”
- Obtain and always use a Virtual Private Network (VPN), which will encrypt all transmissions and will mask your internet connection from hackers. This will make it much harder to compromise your accounts.
- Check the validity of available Wi-Fi hotspots. If there is more than one hotspot, it appears to be claiming to belong to the organization that you are in, then confirm with the staff to avoid connecting to the imposter. Travel with a MiFi, which is a mobile hotspot bringing you your own portable internet connection. The MiFi, unlike regular internet service, connects to a fixed wireless tower. Ensure you have a strong password assigned to your MiFi.
- Make sure all websites you connect to have the “https” at the beginning of the web address. If they do, then the data you are exchanging will be encrypted.
- Adjust your phone’s settings so it does not automatically connect to nearby Wi-Fi networks, giving you more control of when and where to connect.
- Always use your device’s data plans to access the internet instead of public access Wi-Fi when transmitting sensitive information if you do not have a hotspot or MiFi available.
Hackers are criminals who attempt to gain unauthorized access to a network or devices. Their intent is to steal sensitive data. This data could be financial or personal information or business secrets. Use all this information here to protect your devices from hackers. It only takes a few extra seconds to use any other means other than hotel Wi-Fi or plug into an electrical outlet instead of using the USB charging station. Ensure that your devices have added layers of security.
Resources:
“FBI warns against using public USB charging ports.” FBI, April 11, 2023,
“Everything you need to know about MiFI?” allconnect, February 22, 2023,