In research conducted byt Life assistance company CPP, they purchased second hand mobile phones and SIM cards through Ebay and used electronic shops. The experiment examined what personal data was available on the mobile handsets purchased and whether this information could be used to commit identity fraud.
Shockingly the results revealed 247 pieces of personal data were left on a range of mobile phones and SIM cards, leaving previous owners open to the risk of identity theft. Information found included:
• Credit and debit card PIN numbers
• Bank account details
• Phone numbers
• Company information
• Log in details to social networking sites, such as Facebook and LinkedIn.
The experiment also revealed 81per cent of those questioned thought they had wiped their mobile phone before selling on and that six out of ten people were confident that all their personal details have been removed. However 54per cent of mobiles and SIM cards were found to contain sensitive information, unknowingly putting people at risk of identity theft.
The life assistance company’s findings were supported by data that found 50% of second hand mobile phone owners said they had found personal data when they had purchased second hand mobile phones or SIM cards.
Most people claim to have wiped their mobile handsets manually, which security experts acknowledge leaves information intact and retrievable and therefore at risk of id fraud.
Mobile data expert from CPP, Danny Harrison said: “This report is a shocking wake up call and shows how mobile phones can inadvertently cause people to be careless with their personal data and put them as risk of identity fraud.
“With the rapid technology advancements in the smartphone market and new models released by manufactures multiple times a year, consumers are upgrading their mobiles more than ever and it is imperative people take personal responsibility to properly manage their own data.”
Danny continues, “If they do sell or recycle them online or even give them to friends and family, they need to ensure they remove all their personal information thoroughly and consider the serious consequences of not doing so, such as being a victim of id theft.”
Jason Hart, Senior Vice President of CRYPTOCard who was commissioned by CPP to carry out the experiment said, “The safest way to remove all of your data from a mobile phone or SIM card is to totally destroy the SIM and double check to ensure that all content has been removed from your phone before disposal. With new technology does come new risks and our experiment found that newer smartphones have more capabilities to store information and that information is much easier to recover than on traditional mobiles due to the increase of applications.”
CPP’s top tips on wiping your mobile phone of personal information to prevent identity theft:
1. Restore all factory settings – this is the first step that you should take as it is the easiest precaution before disposing of the unit, but factory resets are far from permanent so follow steps 2 – 4 to protect your data
2. Remove your SIM card and destroy it
3. Delete back-ups – even if your smartphone, PDA or laptop data is securely removed from the mobile device, it can continue to exist on a back up somewhere else
4. Log out and delete- make sure you have logged out of all social networking sites, emails, wireless connections, company networks and applications. Once you are logged out make sure you delete the password and connection
5. Various passwords – avoid using the same ID/password on multiple systems and storing them on your mobile phone, if you are going to store them on your phone use a picture that reminds you of the password
6. If you are selling on your phone ensure you ask for it to be wiped to be on the safe side
7. Don’t store vast amounts of personal information on your mobile phone / SIM
8. Make sure you check your bank statements regularly to monitor for suspicious transactions
9. Remember the Golden Rule: Identity thieves are experts at spotting an opportunity to steal your identity and only need a few personal details
10. If you want more information on how to protect yourself from id fraud or see how these experiments worked, please visit CPP’s blog