Beware of Juice Jacking when Charging Mobile Phones at Public Charging Stations

In today's world, many shopping malls, coffee shops, and even public facilities offer complimentary charging stations as part of their enhanced customer services. These stations provide a convenient way for patrons to quickly recharge their mobile phones. However, users of such services may not realise that their phones could be subject to cyber attacks.

One of the potential risks is known as "juice jacking", hackers may tamper with the charging station or use a malicious device that mimics a charging port. When a user connects their mobile device to the malicious charging station, the hackers may gain access to the device's data, including personal information, passwords, and other sensitive data. Additionally, hackers can also install malware onto the device, allowing them to monitor the user's activities or gain remote control over the device.

Below are security tips from HKCERT for mobile phone users to avoid falling victim to juice jacking:

1. Use power-only USB cable / USB data blocker dongle to avoid USB data connection;
2. Use your own USB charging AC adaptor for charging at electrical outlets;
3. Do not grant trust if the portable devices prompt for allowing USB data connection;
4. Install security software and update latest virus definition to minimise the risk of malware infection;
5. Keep your portable devices up-to-date with latest software patches;
6. Use own power bank or power bank rental service whenever possible.