People who are buying or selling second-hand laptops, tablets and smartphones are being urged to follow new consumer guidance in order to protect their personal information and prevent it from falling into the hands of cyber criminals.
January sales often sees people looking for new personal computing devices while those who've received an upgrade over Christmas could be looking to sell their own model. Buying and selling second-hand devices can provide benefits to users, but the UK's National Cyber Security Centre (NCSC) has warned that if these devices are not properly secured, valuable personal information could be exploited.
Users who sell their devices without wiping them first could be handing their personal information and passwords on to others who might be unscrupulous when dealing with that data.
SEE: Network security policy (TechRepublic Premium)
The guidance provides instructions on what users should do to reset their Android, Apple, Google or Windows devices to factory settings in order to erase all content and personal data, including messages, contacts, photographs, browsing history, Wi-Fi codes, passwords, and any apps installed.
But it isn't just leaving data on old devices that could put users at risk from cyber criminals – buying a smartphone that is no longer supported by its manufacturer could also lead to problems because it will no longer receive security updates to protect against known vulnerabilities that could be exploited by cyber criminals.
For those buying second-hand devices, it's recommended that they perform a factory reset in order to erase all the personal data on it so they can't gain access to any personal data that might have been left behind, or fall foul of previously installed apps that could put their own personal data at risk.
"At this time of year many of us take advantage of the pre-owned tech market, either to grab a bargain or cash in on a device we no longer need." said Sarah Lyons, NCSC deputy director for economy and society.
"We want consumers to make the most of this market, but we also want them to be aware of the risks around security and personal data and what they can do to protect themselves.
The NCSC has also urged people who believe they've received suspicious emails to report them to the Suspicious Email Reporting Service (SERS) to help malicious websites get taken down and provide a better chance for everyone to stay safe online.
MORE ON CYBERSECURITY
- This critical software flaw is now being used to break into networks - so update fast
- Think twice before buying a refurbished Android phone: Why it might be unsafe CNET
- WFH leads to surge in mobile phishing and malware attacks targeting pharmaceuticals companies
- Popular Android apps still vulnerable to patched security flaw TechRepublic
- Cybersecurity: Do these things to keep your business safe from hackers, retailers told