Click it and Unblock the Notifications
The government has issued a warning to citizens, urging caution when using public phone charging stations or points. These stations or points, commonly found in airports, cafes, hotels, trains, and bus stands, have become a concern due to the rising threat of the "USB charger scam."
Understanding the USB Charger Scam
Cybercriminals employ the USB charger scam to exploit unsuspecting individuals who rely on these charging stations while on the move. One of the tactics they use is known as "juice-jacking," which poses a significant risk to users' data security and device integrity.
What is Juice-Jacking?
Juice-jacking involves compromising USB charging ports or the cables connected to them with malware. These compromised ports are often present in public charging stations, making them a prime target for cybercriminals.
How Does Juice-Jacking Work?
When individuals connect their devices to compromised ports for charging, they inadvertently expose themselves to potential data theft, malware installation, or device hijacking. Normally, USB ports transfer both electricity and data, but juice-jacking manipulates the port to remain active for data transfer even during charging. This allows attackers to access sensitive information, monitor keystrokes, or upload viruses to connected devices.
Notable Cases and Concerns
As of April 2023, there have been no confirmed cases of juice-jacking outside of research efforts. While cybersecurity experts do not consider juice-jacking a significant threat for most users, the risk increases when individuals are specifically targeted by skilled hackers.
Preventive Measures
The CERT-In advisory provides several best practices to mitigate the risk of falling victim to the USB charger scam:
1. Exercise Caution: Think twice before using public charging stations or chargers.
2. Data-Blocking: If you must use a public USB port, use a data-blocking adapter or cable.
3. Carry Personal Charging Accessories: Always carry your own power bank or charging cable to avoid using public USB stations.
4. Secure Your Device: Implement security features like PIN or password locks on your device, and avoid pairing with unknown devices to prevent unauthorized access.
5. Charge Safely: Consider charging your phone when it is turned off to minimize exposure to potential cyber-attacks.
6. Use Secure Alternatives: Whenever possible, use electrical wall outlets to charge your mobile device.
Additional Protective Measures
In addition to the CERT-In recommendations, users can take proactive steps to safeguard their devices:
- Keep Software Updated: Regularly update your smartphone's software to patch security vulnerabilities and protect against emerging threats.
- Install Malware Detection Software: Consider installing malware or virus detection software for added security against malicious attacks.
Responding to Scams
If you suspect that you have fallen victim to the USB charger scam, it is essential to take prompt action. Report any incidents of cyber fraud immediately by calling 1930 or filing a report at https://www.cybercrime.gov.in.
