The Transportation Security Administration issued a cybersecurity warning to airport travelers.
The post, which the TSA shared to Facebook on March 5, included two best practices for the public to follow, and the potential consequences for ignoring them.
“When you’re at an airport do not plug your phone directly into a USB port. Bring your TSA-compliant power brick or battery pack and plug in there,” the TSA’s first suggestion read.
Plugging into a public USB port exposes the user to “juice/port hacking,” in which hackers install malware into the outlet to steal data, according to the TSA.
“Don’t use free public WiFi, especially if you’re planning to make any online purchases. Do not ever enter any sensitive info while using unsecure WiFi,” the second piece of TSA guidance read.
The Federal Communications Commission has warned about “juice jacking” since as early as April 2023.
The FCC said plugging into a malware-infected USB could lock up a user’s device and allow a hacker to export data and passwords.
In addition to what the TSA recommended, the FCC offered another tip.
“If you plug your device into a USB port and a prompt appears asking you to select ‘share data’ or ‘trust this computer’ or ‘charge only,’ always select ‘charge only,’” the FCC advisory read.
Alex Carlton, a writer for the Australian travel website Escape, wrote an article about a time she was the victim of a Wi-Fi scam in Sydney, Australia.
“I remember the Sydney Airport Wi-Fi login process looking a bit weird,” Carlton wrote.
“The security question asked simply ‘Where are you travelling to?’ and unthinkingly I typed in ‘London’ and the Wi-Fi connected right away,” she continued.
“It did seem odd. Normally you need to tick boxes about consenting to the airport using or not using your information, or to understanding their terms and conditions,” Carlton’s article read.
Carlton later discovered an unauthorized $43 charge before she canceled her credit card.
She later learned she’d been duped in an “Evil Twin” scam, in which hackers create a Wi-Fi account that looks similar to the airport’s official account — something busy travelers are unlikely to notice.
“You never think a hacker or scammer is going to get you — or at least I don’t,” Carlton wrote. “Of course I had a vague idea that public WiFi isn’t watertight, but for the most part I sail through the universe thinking that the world is so jam packed full of data and info, what are the odds that anyone would want mine?”
Advertise with The Western Journal and reach millions of highly engaged readers, while supporting our work. Advertise Today.