Juice Jacking: Be Careful Where You Plug In!

When consumers find a public charging kiosk, they might not think twice about plugging in a low-battery device for a few minutes. But when a cybercriminal tampers with the kiosk to install a small electronic device called a skimmer, these helpful tools become a “juice jacking” risk. This term comes from “hijacking” and “juicing” or “adding juice,” which is slang for charging a device.

When a “juice jacked” charging cable is plugged into a consumer’s device, it could install malware, lock the device and demand payment to unlock it, or steal sensitive data. The consumer’s passwords, financial information, credit card or bank account numbers, and contacts could be stolen instantly – and possibly without the consumer knowing it happened.

Few public charging kiosks are tampered with by scammers, but almost any of them could be. If consumers need to charge up, they should:

· Choose “Charge Only” if, when plugged in, their device asks them to pick between that and “Share Data” (or similar phrasings).

· Attach a USB data blocker device to the end of the cable, which allows devices to be charged while stopping any data transfer from occurring.

· Use a standard wall plug or portable battery with their own charging cable whenever possible, instead of a public charging station.