Juice jacking is a type of attack involving a charging port from where data is stolen from the connected device; there are crawlers that can search a phone for personally identifiable information (PII), account credentials, banking-related or credit card data. These crawlers can copy all information to attackers’ own devices.
Modus operandi of Juice Jacking
-
Attackers install malware in a charging point near a bus stop/ railway station/ airport/other public places
-
When an individual charges a mobile phone or any other smart device using this targeted charging port, the malware is installed into the individual’s device.
-
Attacker gains an access to sensitive data including contact details, emails, personal messages, photos, videos, and financial credentials.
-
These details are then used to carry out the fraudulent transaction by attackers.
Security measures:
-
Keep your devices fully charged before traveling.
-
Carry a charged power bank (of a reputed company / known vendor) while t.
-
Avoid charging phones or other devices containing sensitive details at publicly available charging ports.
-
If there is a need to charge the device via public port, try using the cable that can be used only as charging and not a data transfer cable.
-
You may also install an anti-malware solution that protects your device from malwaresmalwarevents data theft.
Always remember Jo Satark, Wohi Surakshit!
To report a fraud, write to us at
fraudreporting@saraswatbank.com