What is ‘Juice Jacking’ that RBI warned about?

The Reserve Bank of India (RBI) has recently cautioned mobile phone users about the potential fraud risks from “juice jacking”, a cyberattack vector, if they charge their devices through USB ports available in public spaces.
With growing reports of hackers tampering with such ports to steal sensitive user data, RBI’s advisory aims to spread awareness among people to take necessary precautions for protecting their finances and privacy.

What is Juice Jacking?

Juice jacking refers to a type of cyberattack where hackers rig publicly accessible USB power charging stations, like those found at airports, rail stations, malls etc., with malware or hardware modifications to illegally access data on connected mobile devices.

Once an unsuspecting user plugs in their smartphone or tablet to such a compromised charging port for topping up battery, data like contacts lists, photos, emails and even financial information can get secretly copied from the device to the hackers in a matter of few minutes.

The extracted sensitive information can then be misused by criminals for identity thefts, banking frauds and other online scams targeted at the victim using their private data.

Recent Incidents and Impact

There have been multiple reports of juice jacking attacks mounted successfully across the world over the last few years.

In India , Mumbai Police cyber cell unearthed illegal data extraction setups at public phone charging stations across the city in late 2023. Over 50 victims had their personal data siphoned using rigged charging ports before the scam got busted. Police suspected major identity theft and financial fraud racket emerging behind the scenes.

RBI’s Advisory on Safeguarding Data

As people’s heavy reliance on mobile devices for banking, payments and storing confidential information makes them highly vulnerable to juice jacking, RBI advises using personal chargers instead.

Additionally, the advisory shares best practices like avoiding financial transactions over public Wi-Fi and using VPN services to encrypt data. These can help citizens eliminate exposure from not just juice jacking but also wider phishing, malware and hacking risks targeting their mobile data.

Risk Mitigation Measures for Users

Heeding RBI’s risk advisory, people can prevent juice jacking thefts by following these basic safeguards:

  1. Avoid Charging via Public USB Ports – Irrespective of location, do not connect your phone for charging at ports in public areas like railway stations, airports, malls, cafes etc. Carry your personal charger and power bank instead when on-the-go.
  2. Disable Data Transfers While Charging – Under phone settings, turning off automatic data syncing/transfer when charging through external ports also blocks juice jacking malware from stealing data.
  3. Install Antivirus/VPN Apps – Reputed mobile antivirus apps and virtual private networks can secure devices from data breaches attempted via backdoors like juice jacking.
  4. Update Phone OS/Software – Ensure you have the latest OS and security patches installed which offer protection against emerging technical exploits.


Category: 

Leave a Reply