Safe on the go:
Juice jacking and evil twins

Business travel, working from a cafe, meetings at the airport: mobile work is now everyday life for many employees. And with it comes the question: how safe is that really? What happens when someone uses public Wi-Fi on the train or charges a smartphone at a USB charging station?

For years, two threat scenarios have dominated awareness training and security blogs: juice jacking and evil twins. Both are regularly presented as serious dangers. But what is really behind them, and what should security officers actually prepare employees for today?

Juice jacking: much ado about nothing

Image: smartphone at a public USB charging station - symbolic image for juice jacking
Juice jacking: the danger lurks in the charging cable, theoretically.

Juice jacking describes an attack in which manipulated USB ports or charging cables are used to extract data from a connected device or install malware. That sounds worrying, and the topic has regularly made headlines since 2011.

The sobering truth:

"Plot twist: to this day, there is not a single documented case of damage from juice jacking in the wild!"

That is not because attackers lack interest, but because of technical reality: Apple and Google have integrated protective mechanisms into their operating systems since 2013. Modern iOS and Android devices block USB data transfer by default. Before any data can flow, the user has to actively agree through an explicit on-screen prompt.

What does that mean in practice? Special USB data blockers, often called "USB condoms", are unnecessary for current devices. If a charging station nevertheless displays a request for data transfer, reject it, disconnect the device, and look for another charging spot. That is all.

Juice jacking is no longer a relevant attack scenario. Positioning it as a major threat in awareness campaigns distracts from real risks.

Public Wi-Fi: more nuanced than its reputation

Image: person working on a laptop in a cafe - symbolic image for public Wi-Fi
Public Wi-Fi: thanks to HTTPS, usually safer than expected.

Here too, a sober look is worthwhile. The blanket warning that public Wi-Fi is dangerous was justified in the 2000s, when many connections were still transmitted unencrypted and an attacker on the same network could easily eavesdrop.

Today, the situation looks different:

  • HTTPS is standard. All relevant browsers now enforce encrypted connections. All data between the device and the website is encrypted end to end, on public Wi-Fi just as on the corporate network. Unsafe HTTP connections are marked by clear browser warnings.
  • Network infrastructure has caught up. Modern public hotspots, for example those used by Deutsche Bahn, employ techniques such as client isolation, which prevent devices on the same network from communicating directly with one another.

That means public Wi-Fi in hotels or airports is significantly safer for typical business activities than it was ten years ago. A general prohibition policy is hard to enforce and counterproductive in practice.

The real threat: evil twins

Image: comparison of a legitimate Wi-Fi login and the fake login of an evil twin
Evil twin: deceptively real and highly dangerous.

If public Wi-Fi is still dangerous today, it is mainly because of one specific attack technique: the evil twin.

An evil twin is a fake Wi-Fi access point that imitates a legitimate network, with the same or a very similar name and often even a stronger signal to entice devices to connect. Anyone who connects unknowingly can then be attacked in several ways:

  • Phishing through captive portals. The attacker displays a deceptively real login screen familiar from hotels and airports. Instead of asking only for an email address, it also asks for the email account password. Anyone who is inattentive here hands over their credentials directly to the attacker.
  • Forced app installation. The fake Wi-Fi claims that a certain app has to be installed to connect. The app is malware.
  • Phishing websites. Users are redirected to deceptively real copies of legitimate services, such as online banking or well-known platforms, and lured into entering data.

Image: diagram of an evil twin attack - the user connects to the wrong access point
The evil twin intercepts the data before it even reaches the internet.

What distinguishes evil twins from juice jacking

Evil twins are more dangerous than juice jacking because they do not depend on a technical vulnerability in the operating system. They target the weakest link: people under time pressure. Anyone who needs to get online quickly at the airport does not read the login screen carefully.

And that is exactly where security awareness comes in.

4 rules that really protect

Image: 4 rules for safe public Wi-Fi - VPN, check the name, little data, no apps
Simple but effective: these 4 rules significantly reduce the risk.

For protection on public Wi-Fi, there are four measures that actually work and that employees can understand and apply:

1. Use a VPN

A VPN connection encrypts all traffic and prevents an evil twin from intercepting or redirecting connections. VPN is the gold standard for secure mobile work, but it does not protect against one's own mistakes, such as voluntarily installing malware.

2. Verify Wi-Fi names

Before connecting, ask staff for the exact network name or check official signs. Similar-sounding names are a classic warning signal.

3. Provide only minimum data

When logging into public hotspots, entering an email address or phone number is common. If more is requested, especially passwords, disconnect immediately.

4. Do not install apps

No legitimate Wi-Fi network requires an app installation as a prerequisite for connecting. Such requests are a clear warning sign of an evil twin.
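
Rule 2 can be partly automated on managed devices. The sketch below is an added example, not part of the original article: it compares the names in a Wi-Fi scan with the name confirmed by staff and reports look-alikes. The network names, BSSIDs, the substitution table and the 0.85 threshold are constructed assumptions, and the mixed-security check is a heuristic.

```python
import unicodedata
from difflib import SequenceMatcher

# Characters often swapped to make a name look alike (constructed, not exhaustive).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "@": "a"})

def normalize(ssid):
    """Fold case, Unicode compatibility forms, look-alike digits and separators."""
    folded = unicodedata.normalize("NFKC", ssid).casefold().translate(CONFUSABLES)
    return "".join(ch for ch in folded if ch.isalnum())

def classify(verified, observed, threshold=0.85):
    """Compare an observed SSID with the name confirmed by staff or signage."""
    if observed == verified:
        # An evil twin can use the identical name, so "exact" is not proof of safety.
        return "exact"
    a, b = normalize(verified), normalize(observed)
    if a == b or SequenceMatcher(None, a, b).ratio() >= threshold:
        return "lookalike"
    return "unrelated"

def review_scan(verified, scan):
    """Return human-readable warnings for one scan result list."""
    findings = []
    for net in scan:
        if classify(verified, net["ssid"]) == "lookalike":
            findings.append(f"lookalike name: {net['ssid']!r} ({net['bssid']})")
    # Heuristic: the verified name offered both encrypted and open is a warning sign.
    same_name = [n for n in scan if n["ssid"] == verified]
    if len({n["security"] for n in same_name}) > 1:
        findings.append(f"{verified!r} is advertised with mixed security settings")
    return findings

# Constructed scan results; all names and BSSIDs are made up for this example.
SAMPLE_SCAN = [
    {"ssid": "Hotel_Aurora_Guest", "bssid": "02:00:00:00:00:01", "security": "WPA2"},
    {"ssid": "Hotel_Aurora_Guest", "bssid": "02:00:00:00:00:02", "security": "open"},
    {"ssid": "Hotel-Aur0ra-Guest", "bssid": "02:00:00:00:00:03", "security": "open"},
    {"ssid": "Hotel_Aurora_Guest_Free", "bssid": "02:00:00:00:00:04", "security": "open"},
    {"ssid": "CafeNet", "bssid": "02:00:00:00:00:05", "security": "WPA2"},
]

if __name__ == "__main__":
    for warning in review_scan("Hotel_Aurora_Guest", SAMPLE_SCAN):
        print(warning)
```

A name check only catches the "very similar" case; a twin broadcasting the identical name passes it, which is why the VPN and the captive-portal rules still apply.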

Conclusion: targeted education instead of blanket bans

The security level of mobile work is much higher today than reporting often suggests. Juice jacking is practically irrelevant. With the right measures, public Wi-Fi is acceptable to use. The actual threat, evil twins, is real, but manageable through clear rules of behavior.

What security leaders should take from this: awareness programs must be current and precise. Outdated or exaggerated threat scenarios undermine credibility and create resistance instead of behavior change. Employees who know what is really dangerous make better decisions, even without a VPN mandate or blanket usage ban.

Mobility is no longer an exception. It is working reality. Security strategy should reflect that.