Cybersecurity experts are urging caution, warning that the convenient public USB charging ports and free Wi-Fi could be a gateway for data theft.

The threat, known as juice jacking, involves criminals tampering with public USB ports in places like airports or hotels. These modified ports can secretly install malware onto your device or siphon personal data including passwords, banking details, and private messages the moment you plug in.

Authorities like the US Federal Communications Commission (FCC) have long warned that malware installed through a corrupted USB port can lock a device or export personal data and passwords directly to the perpetrator. This information can then be used to access your online accounts or sold on to other criminals.

So, how can you protect yourself while on the go? 

The safest rule is to avoid public USB ports altogether. Instead, prioritise using a traditional AC power wall socket with your own charger. If only a USB port is available, always use your own charging cable and carry a USB data blocker adapter, a small, inexpensive device that physically prevents data transfer, allowing only power to flow through.

Be wary of any prompts on your phone asking for data-sharing permissions, always select charge only if given the option. However, be aware that newer, more sophisticated attacks known as choice jacking can sometimes bypass these prompts. Ultimately, the most secure solution is to carry your own portable power bank, eliminating the need for public charging ports entirely.

The cyber-threats don’t stop at charging ports. Connecting to free, unsecured Wi-Fi networks in public places is equally risky. Cybercriminals often set up fake networks with legitimate-sounding names like Meikles Hotel Guest Wi-Fi to create what is called evil twin hotspots. Once connected, they can intercept your unencrypted internet traffic.

A recent Google report advised against using public Wi-Fi whenever possible, stating that these networks can be unencrypted and easily exploited by attackers. If you must connect, use a reputable Virtual Private Network (VPN) service, which encrypts all your data. Where available, opt for password-protected networks where you have to ask a staff member for the credentials.

It is also advisable to avoid conducting sensitive transactions, such as online banking or shopping, while connected to public Wi-Fi. Also, be mindful of shoulder surfers who may be watching you enter passwords or personal information. Even revealing your email address in public could provide a scammer with just enough information to craft a convincing, targeted phishing message later.

In today’s connected world, a little vigilance goes a long way. By being proactive about how you charge and connect, you can ensure your personal data remains secure.