Your browser is obsolete!

The page may not load correctly.

The rules of ”basic hygiene”

Правила гигиены

Other issues in this category (103)
  • add to favourites
    Add to Bookmarks

What to verify when buying a smartphone from a private individual

Read: 16031 Comments: 0 Rating: 0

Thursday, November 24, 2022

Buying a second-hand device is not only a good way to save money but also a big risk of acquiring a pig in a poke. We will tell you how to minimise this risk and recognise an unscrupulous seller in time.

Risk № 1. Shipping via a transport company

Are you going to buy a smartphone via a notice board with subsequent forwarding or delivery? Be alert if a seller says they are reluctant or allegedly unable to use a standard delivery service and insists on sending your purchase via a transport company. In this case, you risk receiving a “brick” containing an unknown number of defects and breakdowns or a device of a version you didn't order. Or the right device but with hidden defects. When the defects eventually emerge, there will be no one to whom you can make a claim.

In general, buying a second-hand smartphone online is much riskier than doing so in person. Since a device can only actually be checked after it is received, the chance of encountering criminals or unscrupulous sellers is very high. You can only pin your hopes on the honest reviews of other customers and the decency of the seller themself.

Risk № 2. A device is not reset to factory settings

Be sure to check whether a smartphone is unlinked from all of its old accounts.

If it’s not reset to the factory settings and it has an old account on it, you’ll need to unlink it in the presence of the seller. An honest and fair seller will do this in person without asking any questions, when the transaction is actually complete or almost complete: the buyer is ready to pay, and no claims exist on their part. But, when a seller refuses (or is in a hurry, etc.) to do this, that should alert you.

If a seller suddenly “forgot” the account password and promises to find it and call or email you from home, the probability is high that this smartphone is not theirs, and they are attempting to deceive you by selling a found or stolen device. Suggest to the seller that they find the password and arrange to meet you again. Most likely, you’ll never set eyes on them again.

You didn’t agree on a purchase here and now, and the seller is continuing to use the smartphone? In this case, there is nothing strange about refusing to reset the settings.

Risk № 3. Hidden blocks and software modifications

Even if your smartphone has already been reset to the factory settings, reset it again yourself. It’s unknown what applications the previous owner installed or what settings they changed. It can’t hurt. This is additional assurance that the smartphone is operating properly and that there’s a high degree of probability that no hidden blocks and software modifications are on it.

Risk № 4. The presence of Root or Jailbreak

If possible, it is worth checking for root access (elevated system privileges) on an Android smartphone. This can be done, for example, using Dr.Web Security Space for Android via the Security Auditor (if you do not have a license, you can install a trial version).

Root access is dangerous because:

  1. the warranty will be voided (if the smartphone is still under warranty);
  2. if it is not possible to restore the factory firmware after modification, a device will be rooted, which is potentially dangerous since the system area of the file system will be available for accessing. Because of this, the risk of accidentally damaging or removing something on a device exists. Or of “catching” malware for which root is very useful: for example, it will be able to surreptitiously install other trojans and adware.

A smartphone running iOS should be checked for the presence of Jailbreak. Jailbreak is similar to root – it is dangerous because a device becomes more vulnerable to attacks and data leaks. There are different ways for a device to be jailbroken, and signs of this process may differ. In most cases, the indicator will be the program Cydia (an alternative software directory). However, its icon can be hidden, in which case it will not be easy to detect jailbreak.

Risk № 5. Third-party firmware

Alternative firmware versions are popular among Android smartphone users. Therefore, when purchasing a device, you can additionally check the version of the installed system. It can be viewed in the system settings menu (depending on the model, the item to look for will be called “About”, “Software version”, “Firmware version”, etc.).

The main task is to understand what is installed: the official firmware or a custom version. A custom version is potentially dangerous because trojans and adware can be built into third-party firmware. At the same time, depending on the model, it can be complicated or even impossible to restore the original version.

To a certain extent, an anti-virus, which will detect known threats, may be a solution for this issue. However, trojans that aren’t yet known may be in the firmware. In addition, not many sellers will wait while you fiddle with your inspection. But this is even for the best – such a situation will mean that you do not need to take risks and it is worth looking for other variants.

The Anti-virus Times recommends

  • The safest way to buy second-hand smartphones is to do so via the stores of well-known retailers and telecom operators that provide such a service. However, prices there may be higher than on the “open market”.
  • Do not forget about basic functionality checks: before making a deal, check the performance of all the functions, controls, buttons, the screen, and other things. Also make sure there are no chips, cracks, etc.
  • The presence of a hack is not always a death sentence for your purchase: depending on the device model and the software version, it is usually possible to restore it to a clean (unmodified) state. This is just a question of the user’s desire and skill.

#iOS #Android #Dr.Web_Security_Auditor #malware #fraud #rooting

[Twitter]

Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.