The National Cyber Security Centre (NCSC) – part of the Government’s listening post GCHQ – said these models may not receive security updates from manufacturers such as Apple, Samsung and Sony. It also urged people to delete all their personal information when selling phones, tablets and similar items. This can be done by using the restore to factory settings tag.
That should also be used when buying a device before adding personal information. In its first post-Christmas sales guide, the NCSC said: “You don’t need to buy the latest or most expensive model to stay safe. But if possible avoid buying phones that are no longer supported by the manufacturer or whose support period will end soon.
“Our guidance also highlights the importance of erasing before selling so that it does not inadvertently fall into the hands of criminals.” The NCSC’s Sarah Lyons added: “We want consumers to make the most of this market but also want them to be aware of the risks around security and personal data and what they can do to protect themselves.”
The advice comes as more of us store work, personal, and banking data on our smartphones.
Which? also issued a similar warning. Computing editor Kate Bevan said: “Our research has found significant numbers of smart devices are being resold but are no longer supported with security updates from manufacturers – leaving users vulnerable to hackers.
“Anyone considering buying a second-hand device should find out when it was released and check if the manufacturer is still providing updates before parting with their cash. As the secondary and refurbished market continues to grow, manufacturers must be more transparent about how long they’ll provide security updates for.
“This is so people can make clear decisions and aren’t at risk of buying unsupported devices.”