Why you should never use a public charging port
As technology grows more sophisticated, so do users with malicious intent. Phishing, DDoS, Ransomware and SQL injections have all contributed to major losses not only for enterprises, but also for consumers.
In 2023 alone, the FBI’s Internet Crime Complaint Center (IC3) received a record number of 880,418 cybercrime complaints, with potential losses exceeding $12.5 billion. These statistics illustrate the real-world cost of cybercrime, and the consequences of not securing your cell phone or other devices from cyberattacks.
If you want to maintain the security of your devices, read on. In this article, we’ll talk about how public charging ports can be used to hack your phone and we’ll explore what public charging ports are, the types of threats they pose and best practices to keep your data safe.
eero Plus
eero Plus protects your family online with a password manager to safely create, store and share passwords, virus and malware protection and a VPN that lets you browse the web safely and securely.
What are public charging ports?
Public charging ports are USB outlets found in locations such as airports, hotels, shopping centers and other public places. While public phone charging stations may provide you with benefits, these technologies also present significant security vulnerabilities – similar to the risks of public WiFi.
Most public places to charge your phone are readily available and free. As anyone can access, modify or tamper with public USB charging ports, these ports and their lack of security makes them a prime target for cyberattacks, allowing cybercriminals to steal your data or install malicious software on your device.
Learn more: Home network security checklist
Types of threats
Let’s review some of the specific attacks a hacker could execute with a compromised USB charging station, such as juice jacking, malware injections and general data theft.
Juice jacking
Juice jacking is a type of cyberattack in which cybercriminals use compromised or modified USB charging ports to install spyware on your devices. Once connected, the spyware can steal sensitive data, including personal information, financial data and login credentials.
Malware injection
Similarly, a cybercriminal can use a compromised USB port to inject malware on your devices. This malware can then be used to monitor your activities, steal information, access your mobile data history or take control of your device.
Data theft
Data theft involves the unauthorized access and extraction of your personal information. When you connect to a compromised charging port, cybercriminals can gain access to your device’s data, including emails, photos and passwords.
A cybercriminal may use any combination of these strategies to extract sensitive information from your devices. If you suspect you may have had your data compromised, revisit our internet resources for home internet and device security to ensure you stay safe online.
Switch & save
Astound Broadband is the #1 cable ISP
Stream live content, work, surf, game and connect to multiple devices with speeds up to 1500* Mbps through our ultra‑reliable fiber‑powered network.*
Types of data at risk
Let’s define what specific data can be collected by a cyberattacker. Typically a cybercriminal will try and retrieve three types of data: personal information, financial data and login credentials.
Personal information
Personal information, such as contacts, photos, SIM card security settings and messages, can be accessed and stolen through compromised USB ports. This information may be used for identity theft or sold on the dark web.
Financial data
Financial data, including banking information and credit card details, is highly valuable to cybercriminals. Juice jacking and malware injections can steal this sensitive information. The theft and use of stolen information may cost an individual $4,476 USD on average.
Login credentials
Login credentials for email, social media and other online accounts may be stolen through compromised charging ports, allowing attackers to gain unauthorized access to your accounts and personal information.
Learn more: Social media security tips: best practices
So, what use is all this data to a cybercriminal? In 2023, the Insurance Information Institute and the Federal Trade Commission reported that 42% of cybercrime-related identity theft attacks resulted in the creation of a new credit card account in the name of the person whose details were compromised.
Preventive measures and best practices
You may be asking where you can charge your phone in public and what you can do to prevent these breaches. If you really need to charge in public, let’s review a few tips.
1. Use your own charger and cable with a wall outlet
Plug your charger directly into an electrical outlet. Wall outlets do not carry the same data transfer risks as USB ports, making them a safer option for charging your device.
2. Carry a portable charger
A portable charger or power bank is a convenient and safe alternative to using public charging ports. You’ll be able to charge your devices on-the-go and by plugging your portable charger into the USB port instead of your device, you won’t expose your device to potential security threats.
3. Invest in USB data blockers
USB data blockers prevent data transfer while your device is charging, protecting your device from juice jacking and malware injection.
4. Be cautious with public WiFi
There are many risks to using public WiFi services, such as your own internet security. If you’re on public WiFi, avoid accessing sensitive information or performing financial transactions. Use a Virtual Private Network (VPN) for added security.
5. Using VPNs for added security
A VPN encrypts your internet connection, making it harder for cybercriminals to intercept your data. This provides an additional layer of security when using public networks.
WiFi that just works!
WiFi plans for any home
Tiny, large or somewhere in between; find WiFi coverage to fit any space. Blanket your entire home with a fast and ultra‑reliable connection.
Safe alternatives to public charging ports
It’s understandable to be worried about the risks of public ports; however, there are safe alternatives to public charging.
Portable power banks
Portable power banks are a reliable and secure alternative to public charging ports. They allow you to charge your devices anywhere without the risk of data theft or malware.
Charging stations in trusted locations
If you must use a public charging station, choose one in a trusted location, such as a reputable hotel or business. These locations are less likely to have compromised charging ports.
Conclusion
Public charging ports, commonly found in airports, hotels and shopping centers, are highly vulnerable to tampering. Cybercriminals can modify these ports to steal data or install malicious software on your device.
Using compromised public charging ports may lead to unauthorized access of your personal data, financial losses and the potential for identity theft. To protect your devices and data, use your own charger and cable with a wall outlet, carry a portable power bank or invest in USB data blockers.
By taking these precautions, you can significantly reduce the risk of falling victim to cyberattacks and ensure the security of your devices and personal information.
Build your plan
Your perfect plan is just a click away
Get the speeds, WiFi, mobile and TV plans you need all at an affordable price. Bundle your services with Astound and see how much you can save.
Frequently asked questions
What is juice jacking?
In simple terms, juice jacking is a cyberattack. Hackers leverage compromised public USB charging ports to install malware, allowing data theft and unauthorized access.
How can I protect my data when charging in public?
If you need to charge your devices in public, opt for your own charger and cable, a portable power bank or a USB data-blocker to prevent any data transfer while charging.
Are all public charging ports unsafe?
Not all public charging ports are unsafe. However, there is no way to ensure a public port is secure. Assume potential risk, and use your personal charging methods.
What should I do if I suspect my device has been compromised?
If you think your device has been compromised, disconnect it immediately. Additionally, you may want to run a security scan, change your passwords and monitor your accounts for unusual activity.
Can charging cables be infected with malware?
Yes, malware can be embedded directly into a USB cable, and the cable delivers phone charger spyware when connected to a device. With these visually identical cables, hackers can gain access or steal data without the need for a compromised port.
Why shouldn't you use airport outlets?
Public electrical outlets at the airport might appear safe and convenient; however, cybercriminals may have compromised specific USB outlets with malware. It’s safer to use your own charger and cable or a portable power bank to avoid hacked airport chargers.
Create your perfect internet plan
Get the internet speed, WiFi, TV and mobile that’s just right for you.
*Internet speeds may vary & are not guaranteed. Certain equipment may be required to reach advertised speeds. DOCSIS 3.1 modem with 2.5GE physical LAN port is required for 1 Gigabit speeds and higher. See astound.com/yourspeed for why speeds may vary. To view Astound’s FCC Network Management Disclosure see astound.com/policies-disclaimers. Modem required for Internet service. No contract required. Subject to availability. We substantiate that the cable modem equipment provided, and the configuration of such cable modem, meets the broadband speeds advertised when attached to a wired connection based on SamKnows testing procedures.
Not all services, speeds, packages, equipment, channels, tiers, pricing, streaming services, product offerings and product features are available in all areas. Offers valid only for new residential customers or previous customers with account in good standing who have not had our service within the last 60 days. All names, logos, images and service marks are property of their respective owners. Other restrictions may apply.
While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, Astound Broadband is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this site is provided “as is”, with no guarantee of completeness, accuracy, timeliness and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose. Certain links in this site connect to other websites maintained by third parties over whom Astound Broadband has no control. Astound Broadband makes no representations as to the accuracy or any other aspect of information contained in other websites.
eero Plus is available for an additional $9.99/month and requires subscription to whole home WiFi powered by eero.