National Cyber Security Centre
Public urged to secure second-hand devices ahead of January sales
The NCSC has published guidance to help the public secure second hand devices.
- The National Cyber Security Centre (NCSC) issues first ever guidance for consumers buying or selling second-hand internet connected devices
- Transactions involving pre-owned tech expected to increase in the weeks immediately following the festive period
- Shoppers urged to consider guidance carefully when thinking about buying or selling used devices to ensure their personal data is not accessed by criminals
People looking to buy and sell second-hand tech devices in the post-Christmas sales are being urged to follow new guidance to protect them from having valuable data such as bank details stolen by cyber criminals.
The brand-new Buying and Selling Second-Hand Devices guidance published last week by the National Cyber Security Centre (NCSC) – a part of GCHQ – outlines the steps people can take to protect their personal data when buying or selling used tech.
Traditionally, the post-Christmas and New Year period sees a rise in the number of people selling their second-hand devices, such as mobile phones and tablets, as they have been replaced by newer versions over the festive season.
These devices – especially smartphones – contain more work, personal, and financial data than ever before, and this guidance highlights the importance of erasing this before selling so that it does not inadvertently fall into the hands of criminals.
The NCSC is also encouraging shoppers who buy a second-hand device to familiarise themselves with advice from the government’s Cyber Aware campaign, which encourages users to ensure their devices are kept up to date and to turn on two-factor authentication on their online accounts.
Sarah Lyons, NCSC Deputy Director for Economy and Society, said:
“At this time of year many of us take advantage of the pre-owned tech market, either to grab a bargain or cash in on a device we no longer need.
“We want consumers to make the most of this market, but we also want them to be aware of the risks around security and personal data and what they can do to protect themselves.
“As people look towards the post-Christmas sales we would encourage them to follow the steps in our ‘Buying and Selling Second-hand Devices’ to help them stay secure and shop with confidence.”
The advice, which can be found in full on the NCSC’s website, includes tips on
- what to do before you erase the data on your device;
- how to erase the data on your device;
- choosing a second-hand device, and;
- things to know before using a second-hand device.
Kate Bevan, Which? Computing Editor, said:
“Our research has found significant numbers of smart devices are being resold, but are no longer supported with security updates from manufacturers, leaving users vulnerable to hackers.
“Anyone considering buying a second-hand device should find out when it was released and check if the manufacturer is still providing updates before parting with their cash.
“As the secondary and refurbished market continues to grow for tech products, manufacturers must be more transparent about the lifespan of devices and how long they'll provide security updates for, so people can make clear decisions and aren't at risk of buying unsupported devices.”
Earlier this year, the NCSC and the City of London Police launched the Suspicious Email Reporting Service (SERS), which received 2.3 million reports from the public in its first four months resulting in thousands of malicious websites being taken down. Members of the public who have received a suspicious-looking email over the holiday period should forward it to email@example.com.
More advice on protecting yourself and your family online can be found by visiting the government’s Cyber Aware website, which details six practical steps that help protect against the majority of common cyber threats.
Latest News from
National Cyber Security Centre
Joint Advisory: Exploitation of Accellion File Transfer Appliance24/02/2021 15:30:00
Cyber security organisations in the UK, USA, Australia, New Zealand, and Singapore publish advice to defend against malicious cyber actors.
NCSC consolidates advice on secure home learning23/02/2021 13:15:00
Three tailored blogs to help manage remote education technology safely.
UK supports US charges against North Korean cyber actors18/02/2021 11:10:00
Indictment charges individuals with involvement in hacking and fraud conspiracy
Schools recognised by cyber experts for first-rate teaching16/02/2021 11:15:00
14 schools and colleges across the UK are the latest to receive CyberFirst Schools status for their excellent cyber security teaching.
Thousands of girls take on codebreaking puzzles in bid to win UK cyber security crown12/02/2021 14:15:00
The 2021 CyberFirst Girls Competition saw over 6,500 students take part, teams now go through to the online semi-finals in March.
Scottish schoolgirls succeed in UK cyber security competition12/02/2021 12:12:00
Pupils at nine schools in Scotland have been successful in reaching the semi-final stage of the 2021 CyberFirst Girls Competition, run by the NCSC.
New UK Cyber Security Council to be official governing body on training and standards09/02/2021 14:22:00
The government has set up a new independent body to boost career opportunities and professional standards for the UK’s booming cyber security sector.
Cyber innovators help protect UK connected places03/02/2021 11:15:00
The latest NCSC Cyber Accelerator cohort has been announced.