The Dangers Of Buying A Used Phone

October 1, 2020

Return to Learning Center

Be wary of used cellphones.

With top of the line phones like the Samsung Galaxy S20 Ultra and iPhone 11 Pro costing over $1,000, it's more tempting than ever to pick up a bargain, refurbished phone from the back of some dude's van off of Craigslist and call it a day. But it could be a little risky. Be a little careful about buying a refurbished phone. Here's what the problem is.

Phones released years ago run older versions of Android with security problems. That could mean that they don't have critical security patches that can keep you and your data safe from hackers and thieves.

Whenever cybercriminals discover a new security flaw in your phone's software to exploit, phone operating system makers usually get it fixed quickly and that fix is sent out to your phone to make sure that nobody can take advantage of it. That's called a security patch or software update. It's a continual cycle of identifying threats, solving them, then finding the next one. Software engineering is still a relatively new field and this is just how things are until humans get better at it.

Most problems are continuously fixed this way, but there's still an issue. Most manufacturers such as Samsung, Sony, Google and HTC only provide support to a device for so long. Each new phone that's released and each new version of Android require new threat assessment, bug fixes, and test. That's a lot of work, and it means that finding and patching those holes for every single handset spanning years and years just becomes unfeasible. Most phones are only supported for so long, usually a few years. Once a phone is a few years old, there's a chance that problems will stop getting fixed.

This is a problem as a vulnerable phone could allow full access to everything that's going on in your life, including your personal and company emails, contact information, your banking details or audio of your phone calls. We've seen how dangerous SIM Card Fraud is and much it could disrupt your life and this could be even worse. A hacker could continue to have access to your information for as long as you continue using the vulnerable handset.

How do I know if my phone is out of date and no longer supported?

Finding out if your phone is still supported and receiving security patches often isn't straightforward. To start, go into Settings and check your software updates. Install the latest version. Usually it'll give you some mention of when the software was last updated. If your phone says it has the latest OS software, but that latest version was installed many months or years ago, it's likely bad news. Your phone is probably no longer supported. Sadly, manufacturers don't give you a big warning that tells you when they've dropped support for a phone so you'll have to keep tabs on this yourself. But a good rule of thumb is that if a phone is more than 2 or 3 years old, it will probably not be supported for too much longer. Apple is a little better at patching older phones for longer, but even they have their limits.

How can I tell if my phone has been hacked before?

Whether you'd ever notice if your phone's security was compromised is impossible to say as many of them would take great effort to remain undetected. It could be a good idea to look out for unexplained high data and battery usage and sluggish performance, but this could just be older hardware that is heating up more and degrading due to time.

How can I keep myself safe if I have an old phone?

In an ideal world, the best way to keep yourself safe is simply to not use a phone that's no longer supported by the manufacturer. An old phone can perhaps still be used around the house connected to the WiFi and used as a web browsing or video browsing device as long as you're careful not to use it for sensitive tasks. Understandably, if you're short on money, can't afford to upgrade just yet or you're using an older phone temporarily for travel or some other reason, try to keep your software patched as best as you can and avoid accessing sensitive info like bank statements on there until you get a new phone.

We hope you enjoyed reading this guide and learned something new! Check out our Learning Center to learn more about online privacy and security or consider subscribing to our Online Privacy Service to remove your phone number, name, and address from Google, Bing, Yahoo, and DuckDuckGo search results and hundreds of data broker sites.