You might want to think twice before selling your Android phone. Security company avast! purchased 20 used Android phones from eBay to see how easily data could be recovered from them. What they found is disturbing.
avast! was able to recover over 40,000 photos (1,000 of which were sexually explicit) from the 20 phones it purchased. Even worse, avast! was able to find a completed loan application and over 750 emails and text messages.
How was avast! able to do this?
While most users have the foresight to wipe their devices before selling, performing a factory reset isn’t enough. avast! claims it was able to use “simple and easily available recovery software” to restore deleted files. The program it used is called FTK Imager from AccessData.
Of course, avast! has a product that promises to wipe your device completely. avast! Anti-Theft is available from Google Play and can find and control your lost or stolen phone remotely. You can use the app’s “Thorough wipe” feature to wipe your phone before selling it. It’s unclear how this differs from Android’s built-in Device Manager app. I reached out to avast! for further clarification but am still waiting for a response.
What can I do to protect my data?
When you delete a file on your device, it isn’t really gone until you write something else over it. This is how data recovery software is able to find your accidentally deleted files. However, once new data is written over the deleted data, the deleted data is gone forever.
avast! Anti-Theft works by overwriting deleted data with random data, making it unrecoverable. If you don’t want to download an app, you can actually protect yourself with Android’s built-in encryption tool.
WARNING: Encrypting your phone is irreversible! Make sure you really want to do this before proceeding.
Head over to Settings > Security > Encryption. You’ll receive a warning that it may take over an hour to encrypt your phone and that you must be plugged in. If anything interrupts this process, you can lose your data. This isn’t a problem if you’re using the tool to wipe your phone anyway. Once you encrypt your phone, you can perform a factory reset and rest easy knowing your data is secure.
Be sure to check out our guide on how to delete a file permanently to learn more about erasing sensitive files.