NewsLocal News


Experts warn about "juice jacking" phone scam this holiday season

Posted at 8:17 PM, Nov 26, 2019

LANSING, Mich. — It's pretty convenient to have USB ports all over airports so passengers can charge their phones or laptops while they wait, but it's convenient for thieves too.

Experts warn about the latest threat to your data, a phone scam where hackers take over public USB ports. It's called "juice jacking."

"Juice is an old name for electricity. You turn on the juice so when you're charging your phone, you're giving it juice. In the old phones you would just use a charger and a communication port. And so when you plug it into like a public charging station, if the charging station has some malicious code on it, it could pull information from the phone through the communication channel as you plug in your charge," said Jeff Dettloff, President of Providence Consulting.

As you're traveling home for Thanksgiving, waiting in airports, train stations or hitting the mall, Dettloff suggests avoiding plugging into USB ports to charge your phone just to be safe.

"Just a regular charging station there's no worries. It's only if someone has modified that station specifically," said Detloff.

But Detloff warns malicious USB ports are hard to spot and the damage could happen quick. He founded Defeat The Breachto try to inform users about vulnerabilities like this and how to protect themselves against attacks.

The Better Business Bureau of Western Michigan (BBB) says the consequences could be serious.

"If it happens, the hackers now have all the data that was on your phone, and that could be anything from location tracking, to apps, to credit cards, and bank account information," said Troy Baker from the BBB.

Because there's no visible way of identifying an affected charging station, they suggest using a three-prong outlet or portable charger.

"In reality, all of us have to weigh the convenience of what we're doing versus the risk of it hurting us, and if you're about to get on a plane and you're sitting in an airport for 8 hours and you've got a layover, you're probably going to have to plug your phone in. The data on actual incidents of it actually happening is pretty slim, but it certainly is a possibility. It is a possible vulnerability that people should be knowledgeable about," said Baker.

Dettloff also warns about using public WiFi and suggest only connecting to those protected with encrypted passwords.

"What's happened lately is the airports, the coffee shops, the hotels, they used to have a security code so if you want to connect to public WiFi they would publish a code for you to type in that was a secure way to do it. Because people can't figure that out or have difficulty getting that to work, they would get frustrated. So in order to be a good customer servant, I'm going to make it easy for you so I don't have a code. So when you don't have a code, the data you're exchanging between you and the wireless server is not encrypted so someone sitting in the chair next to you with the proper scanning device could read everything that's happening between that wireless connection between that," said Dettloff.

The BBB says so far, there haven't been any cases of "juice jacking" happening in Michigan, but say that doesn't mean it hasn't happened.

They want users to not be alarmed, but to consider the possibility as they make their holiday plans.

Want to see more local news ? Visit the FOX47News Website.

Stay in touch with us anytime, anywhere.

Download our free app for Appleand Android


Sign up for newsletters emailed to your inbox.

Select from these options: Breaking News, Severe Weather, School Closings, Daily Headlines and Daily Forecasts.

Follow us on Twitter

Like us on Facebook