Avoid using public charging stations.

You should be very cautious about using public charging stations (especially those with USB ports) to charge your phone or tablet due to significant cyber resilience and security risks.  The primary threat is known as “juice jacking.”

Why you should avoid using public charging stations (juice jacking):

• Data Theft: Public USB charging ports can be compromised by malicious actors.  When you plug in your device, these compromised ports can be used to install malware, steal personal data (photos, contacts, banking information, passwords, and other sensitive data), or even completely disable your device.³ This is because USB ports are designed to transfer both power and data.
• Malware Installation: Hackers can embed chips with malicious software into USB charging ports or use infected cables that look legitimate.  This malware can then infiltrate your device, leading to further security breaches and system malfunctions.
• Credential Theft: Installed malware can steal login credentials, potentially giving attackers access to your cloud services, company servers, or other online accounts.
• Continuous Data Siphoning: Some malware can continuously exfiltrate data, leading to ongoing breaches and significant financial and reputational damage for individuals and organizations.
• “Quishing” (QR code phishing): On EV charging stations, fake QR codes can be placed that redirect users to fraudulent payment portals, leading to the theft of payment credentials.
• Unauthorized Access and Manipulation: Hackers can gain unauthorized access to charging station systems, potentially manipulating charging sessions, altering configurations, or even taking control of the charging infrastructure.  This is more relevant for EV charging, but highlights the broader risk of compromised public charging points.

Top Tips to Protect Yourself:

1. Use Your Own Charger and AC Outlet: The safest option is to use your own charging brick and cable and plug directly into a standard electrical wall outlet (AC socket).  This ensures only power is transferred.
2. Carry a Portable Power Bank: An external battery pack or power bank is an excellent alternative.  Charge your power bank at home or in a secure location and use it to charge your devices on the go.
3. Use a “Charge-Only” Cable or USB Data Blocker:
   • Charge-only cables: These specially designed USB cables only allow power to flow, blocking any data transfer.
   • USB data blockers (or “USB condoms”): These small devices plug in between your device and the public USB port, physically preventing data transfer while allowing your device to charge.
4. Select “Charge Only” When Prompted: If you must use a public USB charging station and your device prompts you with options like “Trust this device,” “Share data,” or “Charge only,” always select “Charge only.” Do not select “Trust this device” or “Share data.”
5. Keep Software Updated and Use Antivirus: Regularly update your device’s operating system and applications. These updates often include security patches for known vulnerabilities.  Consider using reputable antivirus software on your devices.
6. Avoid Public Wi-Fi for Sensitive Transactions: While not directly related to charging, public Wi-Fi networks are often unsecure.  Avoid logging into banking apps, email, or other sensitive accounts when connected to public Wi-Fi.
7. Be Vigilant: Always be aware of your surroundings and inspect charging stations for any signs of tampering or suspicious attachments.
8. Don’t Leave Devices Unattended: Even when using a seemingly secure charging method, never leave your phone or tablet unattended in a public place.