The results were not good. All but two of the devices were accessed by the person who found it (although the finder could have been looking for a contact number or some way to identify the owner). Only half of those who found one of the lost phones made any attempt to return the unit. Even worse, Symantec created bogus files on the "lost" devices with tempting titles like "HR Salaries" and a stunning 80% of those who found one of the phones took a peek at the planted information. Half of the finders tried to use a bogus remote access app trying to connect to a corporate network. 60% tried to read social media information and email.
The test was called "Honey Stick" in reference to the honeypots tests used to test a security process that leaves an open server in an attempt to tempt hackers to take control of it. Symantec's blog mentions a number of things you should do before your phone is lost or stolen. First, you should password-protect your phone, install an app that can wipe your device remotely and install find-my-phone software from your online app store. For a complete list of Symantec's suggestions, visit the sourcelink.
source: Symantec via ReadWriteWeb