Navigating the USB storage minefield
Data Loss through Fake and Counterfeit Data storage product
Having worked in data recovery and the IT storage market since the late 90’s, this is the worst I have seen it for fake products. In the data recovery lab we are seeing on a daily basis the harm these items can cause in terms of resulting data loss.
Why is nothing being done to stop this?
If our high street retailers and supermarkets were selling huge amounts of counterfeit products it would be a major news story. So why do online retailers get away with selling, and advertising fake storage product like USB memory sticks, memory/SD cards and SSD?
The answer to this is complex but comes down to three main high level points:
- The shear amount of fake and counterfeit data storage products listed.
- A lack of understanding and will to own the issue.
- The lack of investigation and enforcement.
Unlike most high street retailers who get their products directly from the manufacturers, the largest online sources for these products are market places who support third party vendors. Due to the huge number of these vendors, it has become practically unmanageable to police these types of problems.
Can online retailers use an algorithm to stop this from happening?
The straight answer is yes and there is some evidence they are starting to purge listings, but I have seen retailers actively advertising and recommending fake products via email and targeted advertising. There is still a long way to go.
What do you mean by fake or counterfeit product?
Fake or counterfeit product usually comes in two main guises, firstly a USB memory stick that has been manipulated to ID as a much larger capacity than it really is, and secondly an inferior product is made to look like a high end product.
The two images below show a fake SSD drive.
The external case should contain a 2TB SSD drive, but instead contains a 64GB USB drive.
The two images below show a fake memory card.
The high-end Sandisk casing of a 64GB card contains a Kingston micro SD card inside which has a much slower transfer rate.
Why does this matter?
It matters because a manipulated USB memory stick will not stop saving data at its original capacity and will continue to overwrite already stored data. For example if the stick was 8mb but was manipulated to ID as 1TB (1,000,000MB) it would allow data to be continually written to it so you would only physically have the last 8MB of the stick as good data and the rest would be lost.
In the case of items being made to look like high end product, it matters because the transfer rates are likely to be much lower, and the components will be inferior making it unreliable and putting your data at risk. It also makes data recovery more difficult as an inferior product is much less likely to have a fix available unlike a correct high end original.
In both cases you are not getting what you are paying for, and unfortunately depending on how frequent you use the product and the amount of data, it may take a while to realise you have been "done".
How do I buy safely?
We would recommend you buy from a high street retailers (or their online store) or specialist IT online retailers, buying a drive from an auction site or listings site is far too dangerous. Until these market places take better action to ensure quality, it is best not to risk it where possible.
Do not buy unbranded sticks, drives or cards. Look for branded products with the likes of Sandisk, Kingston, Integral, etc.
Some key points to consider:
- If it looks too cheap then it’s likely to not be right.
- Check and contrast pricing, it will become clear which are fake.
- Check the product reviews, these can manipulated so it’s worth double checking the review is for the right product. For example an obviously fake stick had 5* ratings but when reading them they described a cleaning product not a USB stick.
- Be very careful as someone may leave a review before realising the product is counterfeit.
How bad is the problem and why do people sell counterfeit products?
The problem is huge because it is easy to do. Counterfeiting is a multi-million pound industry, it pays no regard to you or your data. This is not someone in their bedroom selling a few to make a bit of extra money, it is a multi-£m industry and may well be funding organised crime.
Hackers using data storage products
Following on from counterfeit and fake storage hardware issues, it is vital that you are aware of some of the popular scams at present.
How are data storage products used for scams?
USB devices are being sold pre-loaded with ransomware, viruses, and malware.
USB devices containing ransomware, viruses, and malware are being sent masquerading as promotional products, gift cards, competition wins, product instructions, information from public services.
How can I safeguard myself?
Only buy branded products from a reputable source, beware of buying from listing and auction sites.
It is very important not to plug any unknown USB device into your computer unless you have checked its origin. This will put all your data at risk and could even lead to identity theft.
If free USB devices are being given out as advertising or corporate events please think about whether these could be compromised.
Public, government, and health services will not send information via USB stick, if you receive these by post do not plug into your computer.
If you find or come across a USB device and you are not sure who it belongs to do not plug it into your computer to find out. If someone has genuinely lost a stick they will probably backtrack their movements to try to find it.
It is best practice to check the autoplay settings on your pc/laptop and ensure they are not set to automatically run files on a USB device. This should lower the chance of malware being loaded onto your device and gives you a chance to scan it with antivirus. Good antivirus software may even automatically scan these drives when they are accessed.
Why would people do this?
As previously touched on, this is a huge industry fuelling organised crime. Hackers want to take control of your device by any means possible and this is a very easy way to do that. It allows them to ransom yours and other networked devices for the data, to steal/lock crypto currency wallets, and insert malware to steal your private information and passwords.
As a data recovery company we see fake and counterfeit devices all the time. The industry is growing and causes a lot of distress for people who lose irreplaceable data because of it.
Malicious software and viruses are rife and many people are not aware of the threat from USB devices either bought in good faith or received for other reasons.
Simply do not take the risk by buying from an online market place that supports third party vendors.
Do your research and buy from a reputable source. If it sounds too good to be true, then it probably is.