Many people sell or buy used cell phones as a way to make or save money, but what they may not realize is that this practice creates a major security risk
An estimated 3 in 10 used smartphones sold in the UK may be vulnerable to hackers, according to the UK consumer watchdog group Which?
"Consumers who want to make a sustainable choice and do not want to pay the high price of many of the latest luxury phones, opt for a used refurbished version instead," said a media release in Which?
"Keeping devices in circulation in this way helps protect the environment, but some phones lose support for critical updates after just over two years, making it unsafe for future owners to devices may use them
In the study, Which? examined used cell phones sold online through used UK retailers such as CeX, Music Magpie, and SmartFoneStore
Of the three companies, CeX was found to have the highest percentage of used smartphones, with 31% of handsets in its online inventory not eligible for security updates from technology companies (Unlike the other two companies, CeX has a physical store as well as a website)
Music Magpie came in second, with 20% of its used handsets not covered by security updates; only 17% of SmartFoneStore's inventory was not covered by security updates
Which? warned that all three companies "are reselling phones that are vulnerable to hackers, unbeknownst to customers, because manufacturers may stop providing critical security updates after a few years"
The study found that Apple's iPhone 5, Google's Pixel XL, Huawei's P10, Samsung's A8 Plus, and Samsung's Galaxy S7 were all sold as used devices, even though they were past the point where future security updates would be provided The company noted that the devices were being sold as used devices, even though they were past the time when future security updates would be provided
Since the Which? investigation, two of the used phone sellers in question have taken steps to crack down on the sale of unsecured used handsets
"In response to the Which? investigation, Music Magpie has removed the unsupported devices found by Which? from sale," a Which? press release stated It also stated that it would "inform consumers in the future if their products no longer receive security updates
"SmartFoneStore also released an update, adding a warning about unsupported devices
However, "CeX had no comment
Jake Moore, a security specialist at ESET, told Tom's Guide: "These devices often work well or even perfectly on the surface, but with the right knowledge, hackers can use unpatched They can cleverly exploit software vulnerabilities and target victims with all kinds of attacks, including keylogging to steal passwords
"Buyers should be careful to check the operating system currently supported on each device before purchasing a cell phone, as the shelf life for most models is usually only a few years before upgrades are made with hardware security patches Before purchasing a mobile phone, one should take care to check the currently supported operating system on each device
Comments