Michigan Attorney General Dana Nessel is warning consumers to beware of another method hackers have devised to steal their personal data.
The FBI calls it “Juice Jacking,” a cyber-theft tactic that can occur whenever an electronic device is plugged into a public charging station like those found in airports or hotel lobbies.
These public charging stations are open to anyone, including bad actors, who can secretly install malware into the stations. When unsuspecting consumers plug in their devices, the malware gains access to the device being charged. The malware can lock the device or export personal data and passwords.
Juice jacking can happen in 2 ways: by plugging a device into a public USB port with your own charging cable, or by using an infected cable provided by someone else.
The FCC has even reported incidents of infected cables being given away as promotional gifts. In some cases, hackers will install and hide a skimming device inside the USB ports of the kiosk.
Nessel provided the following tips to avoid becoming a Juice Jacking victim.
- Avoid using a public USB charging station. Use an AC power outlet instead.
- Bring an AC outlet charger, car chargers, and your own USB cables with you when traveling.
- Carry a portable charger or external battery.
- Consider carrying a charging-only cable (which prevents data from sending or receiving while charging) from a trusted supplier.
- If you plug your device into a USB port and a prompt appears asking you to select “share data” or “charge only,” always select “charge only.”
For more information, see Malware – What It Is and How To Avoid It.
For information on how to recognize the signs of malware, see How To Recognize, Remove, and Avoid Malware.