Serviceteam IT Security News

A substantial proportion of second hand mobile phones are vulnerable to being hacked due to not being supported by important security updates, an investigation by Which? has found.

The analysis centered around three popular mobile phone retailers: SmartFoneStore, Music Magpie and CeX. The worst affected was CeX, where nearly a third (31%) of phones sold are no longer supported by security updates from manufacturers. For SmartFoneStore, 17% of models sold were unsupported, while for Music Magpie it was 20%.

This is providing cyber-criminals with opportunities to target older vulnerabilities in these devices.

Which? said that it presented the three companies with the findings, and since then SmartFoneStore has issued a warning on unsupported devices so people are aware before they buy them, while Music Magpie has removed all the affected devices from sale. However, it has not yet received a response from CeX.

Which? has advised that customers check the manufacturer’s security updates page to find out this information before purchasing a used phone.

Commenting on the findings, Jake Moore, cybersecurity specialist at ESET, said: “It may sound like a great deal to purchase an older and cheaper device, but unfortunately you can’t put a price on security.

“Older phones notoriously have a use-by-date when they are no longer supported by security patches. These devices will often still work as normal on the surface, but threat actors can use older vulnerabilities under the hood to target their victims with ease, so those at risk must be reminded to check which operating system it currently supports before purchasing.”

For phones operating off an Android operating system, there will typically be two years of operating system updates and three years of security updates. For Apple iPhones, system and security updates are usually packaged together and these will continue for an average of five to six  years.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!