The UAE Cyber Security Council has urged people to be vigilant when using public mobile phone charging points due to the growing threat of so-called juice-jacking attacks from opportunistic hackers.
The authority said some charging banks – typically found in transport hubs such as airports, train stations and shopping centres around the world – may contain malicious software or hidden systems capable of accessing personal data.
The council, in an advisory to state news agency Wam, said 79 per cent of travellers were unwittingly putting their personal data at risk by charging devices at “unsecured public stations”.
It did not disclose the source of the statistics, but global agencies and technology experts have long been warning of the pitfalls of such practices.
In 2023, the FBI cautioned against using free public charging ports because cyber criminals had ” figured out” how to use them to infect devices with malware and other monitoring software.
The US Transportation Security Administration issued a similar alert this year, stating: “When you’re at an airport, do not plug your phone directly into a USB port. Bring your TSA-compliant power brick or battery pack and plug in there.”
The term juice-jacking describes a form of cyber attack where public USB charging points are used to steal data from or install malware on devices such as smartphones and tablets.
The UAE council has raised the alarm ahead of the busy travel period, including a long weekend for celebrations of the 54th National Day and the winter break for schools, which runs from December 8 to January 4.
Know the warning signs
The council listed several warning signs that may indicate a device has been exposed to such attacks, including rapid battery drain, slow application performance, repeated system crashes and the appearance of unfamiliar symbols or messages.
The Cyber Security Council provided a set of preventive guidelines, foremost being to carry a personal charger while travelling, avoiding public charging stations as much as possible and rejecting any data-transfer requests during charging.
It also advised enabling two-factor authentication, using biometric login features such as a fingerprint or facial recognition and reviewing app permissions, ensuring no unnecessary access is granted to photos, messages or contacts.
It stressed the importance of verifying the safety of installed applications, noting that some apps may contain malicious software enabling hackers to steal personal data or spy on users, with dangers extending to financial fraud and the theft of bank card and online account information.
