Are Pre-owned Smartphones Safe? How To Choose A Second-hand Phone And Avoid Security Risks

Mobile Security

Buying a pre-owned telephone doesn’t person to mean compromising your information – return these steps to bask nan benefits of cutting-edge exertion astatine a fraction of nan cost

09 Dec 2024  •  , 5 min. read

The modern smartphone has go an indispensable portion of technology. These powerful, pocket-sized computers alteration america to do everything from hailing cabs to consulting pinch our section doctor. But costs tin beryllium prohibitive. Unsurprisingly, second-hand and refurbished devices person go an progressively celebrated option, providing entree to premium exertion astatine a fraction of nan value and appealing to budget-conscious consumers aliases those seeking sustainability.

Smartphones are besides often among nan most desired gifts during nan vacation season. The latest models whitethorn beryllium retired of scope for galore owed to their precocious price, truthful second-hand phones coming a much affordable action for gift-givers.

Also, immoderate group upgrade their smartphones during nan vacation season, either arsenic gifts to themselves aliases because they’ve received a caller telephone arsenic a present. This creates a secondary marketplace for pre-owned devices arsenic they waste aliases waste and acquisition successful their aged models.

The cardinal problem is not knowing what information these devices will get in. To debar unwittingly exposing yourself to cyber-risk, return clip retired to see nan pursuing tips.

What are nan risks of pre-owned phones?

Thanks to persistently precocious liking rates and ostentation crossed overmuch of nan Western world, second-hand phones are progressively commonplace. In fact, income generated complete $13bn globally successful nan first 4th of 2023 alone, up 14% annually, according to one estimate. In a mature marketplace for illustration nan UK, a 4th of each phones sold successful 2023 were reportedly second-hand aliases refurbished.

Yet this comes pinch definite cybersecurity risks. These include:

Outdated software

Some devices whitethorn nary longer beryllium supported by nan manufacturer, meaning nan underlying operating strategy doesn’t person package updates. That’s bad news from a information perspective, arsenic it intends that erstwhile vulnerabilities are recovered by researchers aliases threat actors, your instrumentality won’t get a information spot to hole it. It will efficaciously beryllium exposed to attackers. One 2020 study successful nan UK recovered that astir a 3rd of models being resold were nary longer supported pinch information updates.

Malware

In immoderate cases, a erstwhile proprietor whitethorn moreover person (unwittingly aliases not) installed malicious package connected nan phone. This whitethorn beryllium designed to do a assortment of things, from bargain your individual accusation and passwords to snoop connected your calls and messages. It whitethorn moreover flood nan instrumentality pinch unwanted ads aliases subscribe you to premium-rate services. The extremity end is usually to make money successful immoderate measurement disconnected you, either by stealing individual and financial accusation for usage successful fraud aliases integer extortion.

No refurbishment checks

Some pre-owned phones whitethorn not person undergone nan benignant of checks that reputable second-hand sellers execute to guarantee they are operational and moving connected a supported OS. This whitethorn expose you to immoderate of nan risks outlined above. 

How to debar cyber risks connected second-hand devices

Mitigating these risks takes a multi-pronged approach, starting pinch owed diligence during nan buying process. That efficaciously intends doing your research. Second-hand devices are disposable from a wide assortment of sources, from manufacturers themselves to high-street retailers, telcos, and backstage sellers. Put nan clip successful to make judge nan seller has bully reviews and their connection is legitimate. A warranty of astatine slightest a twelvemonth should beryllium a baseline request to guarantee quality.

It's besides champion to debar jailbroken aliases rooted devices, arsenic these whitethorn person had information features abnormal which make them much exposed to threats.

Also, only take devices that are still supported by nan manufacturer; usually, phone-makers will support a handset for astatine slightest 2-3 years aft it is released.

To further mitigate information risks, see nan pursuing aft purchase:

• do a afloat mill reset, wiping immoderate information that whitethorn person been near connected nan instrumentality by nan erstwhile owner, including contacts, photos, messages, browsing history, passwords and apps,
• update each nan package connected nan instrumentality aft purchasing to nan latest, astir unafraid version, and move connected automatic updates,
• keep an oculus retired for tell-tale signs that it mightiness beryllium compromised pinch malware, specified arsenic unwanted pop-ups aliases ads, apps appearing that you didn’t download, aliases sluggish capacity and unusually precocious artillery usage,
• install information package from a reputable supplier and person it scan nan instrumentality for threats.

Once your instrumentality is up and running, see nan pursuing champion practices to mitigate ongoing information risks:

• set up a surface fastener and PIN, password, aliases biometric authentication (face recognition/fingerprint scan) for unafraid access
• backup your information and group to automatic backups to nan unreality successful lawsuit nan instrumentality is mislaid aliases stolen
• delete immoderate unused apps to minimize your onslaught surface
• switch connected instrumentality encryption for an other furniture of security
• always usage multi-factor authentication to entree your instrumentality and immoderate software/accounts connected it
• turn Bluetooth, tethering aliases Wi-Fi disconnected erstwhile not successful use, to debar eavesdroppers snooping around
• check your app permissions – if immoderate apps are requesting access to much than is necessary, that should beryllium a reddish flag
• only download apps from charismatic app stores and from reputable developers
• be connected nan lookout for phishing messages and emails. If successful doubt, ne'er click connected links aliases unfastened attachments contained successful these messages. Always interaction nan expected sender separately first, aliases unfastened nan connection connected a much unafraid machine
• avoid utilizing nationalist Wi-Fi without a VPN.

If you’re still concerned astir your pre-owned telephone exposing you to information risks, don’t entree immoderate delicate accusation aliases accounts erstwhile utilizing it – specified arsenic mobile banking aliases syncing pinch your firm accounts. In fact, if your employer allows BYOD handsets successful nan workplace, location whitethorn beryllium an further group of rules and policies you request to travel to guarantee that your second-hand instrumentality tin beryllium used. The risks outlined supra could beryllium amplified if threat actors negociate to usage your handset arsenic a stepping chromatic to scope firm information and systems.

That said, there’s nary logic why a pre-owned telephone should origin undue accent and information risk, arsenic agelong arsenic you travel these champion practices. And if you determine to manus it connected to personification else, retrieve to perform a afloat backup, information erasure and mill reset.