How to Know If Your Phone Is Hacked
Like all people, you probably use your phone for pretty much everything nowadays – checking your email, sending and receiving money, buying things, working, passing the time, etc. It’d be a shame if someone were to hack it and stop you from doing all that when you least expect it.
If we got you a bit worried, sorry – but this is a serious concern nowadays. Don’t worry, though – we’ll teach you how to protect yourself, how to know if your phone is hacked, and what to do if your phone has been hacked.
But First – How Can Someone Hack Your Phone?
It doesn’t happen like in the movies. So you don’t need to worry about a shady hooded figure hacking into your phone by typing random strings of characters on their keyboard while you’re out shopping.
In real life, phones get hacked through one of the following methods:
SIM Card Swapping
These attacks involve hackers persuading mobile providers that they’re you, and that they need them to switch your phone number to their device. That way, the hacker gets their hands on your number.
They can then use it to impersonate you or trick web services (like Google) to send a temporary login code to their device. If successful, they can break into your online accounts.
This kind of cyber attack happens when you use a public USB charging station – like the ones found at airports or in cars.
They’re convenient and sometimes actual lifesavers, sure, but they’re also pretty dangerous. Cybercriminals can actually hijack your power supply through malicious ports. Sometimes, those charging stations can also contain malware, so your phone will get infected when using them.
Speaking of malware, it’s a very popular way for hackers to take over your phone. They can do that through spyware, trojans, rootkits, ransomware, and more.
We already mentioned how your phone can get infected with malware if you use public charging stations. But that can also happen if you download files from shady websites and app stores. Or even if you download random apps from legit app stores (like iTunes and Google Play) without checking their background first (reviews, who the devs are, permissions, etc.).
Public WiFi is extremely risky. Most networks don’t use encryption, and even those that do aren’t 100% safe since the current encryption standard (WPA2) is vulnerable. What’s more, hackers can set up fake networks that imitate legitimate hotspots.
Cybercriminals could use packet sniffers to monitor and crack your data packets (especially if you’re using HTTP sites). Translated, that means they could steal sensitive data like login credentials and credit card numbers.
Or they could monitor your traffic to see where it’s heading, and use MITM attacks to redirect you to fake sites. For example, they could set up a copy of paypal.com that logs your login credentials, which the hackers can then use to empty your account.
Phishing is when hackers try to trick you into interacting with fake sites, malicious links, or malware-infected files. They could target you with phishing messages over email, social media, or SMS. If you interact with them, your phone might get infected, allowing cybercriminals to take over it.
Here’s the problem with Bluetooth – it has a long history with vulnerabilities. They basically pop up every year or so, and put user data at risk.
There are tons of examples:
- The KNOB Attack that would have allowed hackers to downgrade and crack Bluetooth encryption.
- The BIAS Attack that would make it possible for a cybercriminal to take over a Bluetooth-enabled device.
- BlueBorn, a serious exploit that would have allowed hackers to connect to a device directly.
- And, most recently, BLURtooth – a vulnerability that lets hackers overwrite Bluetooth authentication keys. Basically, that means an attacker connecting over Bluetooth could take over Bluetooth-capable apps and services on your device.
How to Know if Your Phone Is Hacked
There’s no message or alert that says “YOU’VE BEEN HACKED.” Well, unless your device gets infected with ransomware, but that’s just one exception.
So how to tell if your phone is hacked? Just look for these signs:
- Your device starts running slower than usual. Anything from opening an app or swapping to the next screen feels very sluggish. Also, your battery drains faster and your phone gets hotter. All those signs usually point to malware running in the background (particularly cryptominers).
- You see new apps on your phone you don’t remember installing. Or messages you never sent and phone calls you never made. Unknown purchases are another dead giveaway.
- Apps start acting erratically. They don’t start up anymore, crash very often, or don’t run as they should.
- You experience large mobile data usage spikes even though you aren’t doing anything differently. That’s usually indicative of malicious tracking programs running in the background and sending data to hackers.
- Your contacts are saying they received strange messages from you, which you don’t remember sending.
- The phone’s settings were suddenly changed – like Bluetooth is turned on but you don’t remember doing that.
- Your phone’s screen is filled with pop-ups (indicative of spyware and adware).
- Your phone reboots at random times, or it makes phone calls or opens apps without your approval.
- You notice photos and videos in your phone’s gallery which you never took. Or the phone’s flash starts lighting up randomly. That might mean your phone’s camera was hacked.
What to Do If Your Phone Has Been Hacked
Here’s what most guides recommend doing + what we believe is the right course of action:
1. Disconnect from the Web
First, get off the Internet. The malware or malicious processes that are in the background might be sharing data with hackers. Or the cybercriminal who took over your phone might need it to be connected to the web to steal your data.
So shut down your WiFi connection and mobile data. And, obviously, you should disable Bluetooth too.
2. Remove Shady Apps
Pretty self-explanatory – uninstall or disable any apps you don’t recognize or remember installing. If you can’t do that for some reason, move on to the next step.
3. Remove Malware
You should normally have antivirus protection on your device. If you don’t, you’ll need to get some first. We recommend checking out Malwarebytes (Android and iOS).
Then, run a scan, and let the program get rid of all the malicious software on your phone.
Oh, and avoid free antivirus programs – they’ll likely do more harm than good (i.e. expose you to even more malware).
4. Change Your Passwords
Always assume your passwords were compromised if your phone was hacked. Go ahead and change them all right now, and be sure to use a different one for each account.
If you need help coming up with strong passwords, please use our guide.
5. Alert Your Contacts
Let everyone know your device was compromised – friends, family, work colleagues, employers, clients, etc. Make sure you tell them to ignore any weird messages or emails they might get from you.
6. Take Your Phone to a Professional
It might be a good idea to have a phone repair expert take a look at your phone to make sure everything’s in order. You should be able to find a decent phone repair shop in your area with a few Google searches.
7. Do a Factory Reset
Only use this method if you weren’t able to un-hack your phone. If you do this, all your data will be wiped (so be sure to back it up if you can), and your phone will be restored to its factory settings.
How to Do a Factory Reset on Android
- Go to Settings > General Management
- Tap Reset.
- Pick Factory data reset.
- Tap Reset again.
How to Do a Factory Reset on iOS
- Open the Settings app.
- Pick General.
- Tap Reset (it’s at the bottom)
- Choose Erase All Content and Settings.
How to Protect Your Phone from Hackers
Follow these guidelines, and you should be safe:
- Always use a VPN when you’re on public WiFi. It’s an online tool that encrypts your traffic end-to-end, meaning hackers can’t spy on it or manipulate it anymore.
If you need a good VPN, try CactusVPN! We offer powerful encryption, user-friendly apps for iOS and Android. And here’s what you’ll definitely love – with just one CactusVPN subscription, you can use the service on an unlimited number of devices!
Special Deal! Get CactusVPN for $3.5/mo!
And once you do become a CactusVPN customer, we’ll still have your back with a 30-day money-back guarantee.
- Install antivirus programs on all your phones (and other devices too). Keep the software up-to-date, and run regular scans.
- Don’t open messages from people you don’t know, and definitely don’t click links or download files from them.
- Never keep Bluetooth enabled. Only use it when you’re sharing files with people you trust in a safe place (your home, not the airport or a crowded coffee shop), and disable it when you’re done.
- Keep your phone’s OS up-to-date, and only install apps from official app stores (after doing some background research, of course).
- Don’t grant apps unnecessary permissions. A calendar app definitely doesn’t need access to your contacts.
- Only use trustworthy USB charging stations. And when you do, make sure you pick the “Only Charging” option on your phone. Here are some other useful tips:
- Bring your own portable charger.
- Use “USB condoms” – devices that act as intermediaries between your phone and the charger (like SyncStop)
- Use AC power outlets instead of USB charging stations.
- And finally – never leave your phone unattended. Oh, and lock your phone with a passcode and/or lock screen.
Got Any Tips to Offer?
If you can share any info about how to know if your phone is hacked, prevent that from happening, or un-hack it, please do so in the comments below. If you use any specific tools to secure your device, don’t forget to provide links.