Traveling this holiday season? A dead or dying phone or laptop is enough to send anybody on a mad dash to find a place to charge their device but individuals might want to think twice before using a random cable they have found — hackers could be waiting. BBB warns travelers, juicing up your electronic device at free USB charging stations, such as those found near airport gates, in hotels and other travel-friendly locations, could have unfortunate consequences. They could become a victim of “juice jacking”, a new cyber-theft tactic.
According to this alert from the Los Angeles County District Attorney, criminals are loading malware onto public USB charging stations to maliciously access electronic devices while they are being charged. The alert describes how malware installed through a dirty USB port can lock a device or export personal data and passwords directly to the perpetrator. This “juice jacking” happens when unsuspecting users plug their electronic device/s into USB ports or use USB cables that have been loaded with malware. Criminals can then use any gathered information to access online accounts or sell it to other bad actors.
“Like scammers who steal debit card numbers by putting illegal card-reading devices, called skimmers, on A.T.M.s, hackers can easily rip out USB ports and replace them with their own malicious hardware,” said Michael Sedio, Vice President, Chief Operations Officer & General Counsel of Better Business Bureau Serving the Pacific Southwest.
BBB shares the following tips to help avoid becoming a victim of juice jacking:
• Avoid using a public USB charging stations. Use an AC power outlet with your own adapters and cables instead.
• Carry a portable charger or external battery.
• Consider purchasing and carrying a charging-only cable, which prevents data from sending or receiving while charging, from a trusted supplier.
Public WiFi networks are another way cyber criminals target travelers. To learn more about mobile phone and online security, check out the FCC consumer guide: Wireless Connections and Bluetooth Security Tips.
• Contact the Federal Trade Commission at ftc.gov/complaint or by calling 877-FTC-HELP.
• File a complaint with the Internet Crime Complaint Center or at the District Attorney General.