12 signs your phone has been hacked — and what to do next

Features
By published

Don't overlook these clues

Confused woman looks at phone
(Image credit: Shutterstock)

While signs that you've been hacked may be obvious if you're on your home computer, it might be a little more subtle if you're looking for them on your smartphone. Many people still don't believe that security issues and hacks are likely on a smartphone, so they don't take precautions against such attacks, making them vulnerable to threats like phishing, malicious downloads or unsecured Wi-Fi.

However, if you don't have any antivirus protection or coverage for your smartphone and you're not practicing safe cyber practices when it comes to securing your mobile devices, they're at risk too. Here are the warning signs to look out for when it comes to mobile malware — and what to do if you suspect that you may have already been victimized by a virus or worse.

What to look for

  • Pop up ads: Just like on a desktop, if you're seeing pop up ads appear on your phone, that's a big red flag warning sign. Do not click on any of these, as they can lead you to malicious websites.
  • Performance issues: For example, if your phone is frequently freezing, crashing, or lagging when performing its usual tasks. Malware and viruses consume huge amounts of processing power, so your device will have problems when trying to do typical day-to-day jobs.
  • Randomly rebooting or shutting down: This could be caused by malicious code, or by a hacker trying to remote control your device through the malicious code. Either way, it's never a great indicator about your device.
  • Microphone or camera turning on: If either the microphone or camera turns on, when you don't turn them on yourself, it's another red flag — and it could mean that an attacker is spying on you and your activities.
  • Unfamiliar apps, messages, or calls: If you see apps you don't remember installing, or calls or texts you didn't make, that's unauthorized use and it usually indicates malware.
  • Unusually low battery: Malware is a battery hog, so if your phone is constantly needing a recharge for no good reason, this could be why.
  • Overheating (when idle): If your device is getting quite warm when it's not working hard, again, that could be malware which will work your device's processor hard.
  • Unexpected two-factor authentication requests: Two-factor and multi-factor authentication is set up as an extra layer to protect your accounts from being accessed by hackers, so if you're getting requests you don't expect it's a good indication that someone has your password and is trying to access your accounts.
  • Account issues: Any unexpected password changes like reset requests, or obviously, getting locked out of accounts is reason for serious concern.
  • Data spikes and/or unknown call charges: A threat actor could be using your phone to transfer data, make purchases, send messages or make calls.
  • Websites look different: Whether they're redirecting you to spammy websites you don't want to be or they just appear strange, this may mean your web traffic is being hijacked.
  • Unable to shut down or turn off: Malware may be keeping your device turned on.

What to do now

A picture of a skull and bones on a smartphone depicting malware

(Image credit: Shutterstock)

So you think you may have been hacked — what now? There are a few steps you can take to get control back, protect your data and your device. None of them are sure things and none of them are fool-proof but they're a good starting point.

  • If you have an antivirus program installed on your mobile device, start by running a security scan that can find and (hopefully also) remove the malware.
  • If you see any unfamiliar or suspicious apps, downloads or files on your phone that you don't remember installing, remove them — don't just delete the icon, but make sure you're deleting the app entirely.
  • Back up essential data: Not applications or system data, but other important things that may not have been infected like your photos, contacts, and important documents.
  • Check your backups: Make sure that they are from a date before the hack or infection occurred so you don't just reinfect your phone over and over again. Restore only essential, necessary data and manually reinstall apps from the app store.
  • Change your passwords: This should be done as soon as possible, and should be done from a separate, uninfected device. Make sure you're creating strong, unique passwords for all your accounts, enabling multi-factor authentication whenever available and using a password manager.
  • Clear cookies, cached data and saved history: Anything stored in your browser settings should get wiped clean as it could remove malicious code that is being stored there.
  • Secure accounts: Review all recent activity on your online accounts, looking for any unauthorized activity, transactions or messages. If necessary, consider freezing accounts, requesting new cards or updating credentials.
  • Update your operating system: An easy way to make sure you have the most up-to-date protection against malware.
  • Disconnect: Disconnect your phone from Wi-Fi and cellular networks, then restart your phone in Safe Mode or Recover Mode (depending on your operating system).
  • Shut it down: Perform a full shut down (when needed) and disable always on location features, which could be used by malware.
  • Perform a factory reset: To be used as a last resort, and only when you have your files backed up. This can sometimes be the only way to resolve an issue.
  • Notify contacts and authorities: Let your contacts know that you've been hacked so they can be on alert for any potential phishing messages, but also let your financial and banking institutions know so they can be aware of any potential identity theft or financial fraud.

Hacks can happen to anyone and it's important to realize that you're not powerless — if you stay calm, and know what to do, you can salvage a good amount of your data and even your device. Knowing what to do after a hack is just as important as knowing how to stay safe in the first place and anyone can make a mistake and quickly become a victim to a phishing scam, a malicious website or a bad Wi-Fi connection. Stay calm, stay safe and stay informed.

More from Tom's Guide

Amber Bouman
Amber Bouman
Senior Editor Security

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.