What To Do if Your Phone Has Been Hacked

The mere thought of someone else gaining access to our smartphone can be downright terrifying. In movies, we’re shown hackers as these mysterious figures in hoodies, capable of wreaking havoc with just a few keystrokes. But in reality, a hacked phone doesn’t have to be the end of the world. There are effective ways to regain control of your device and ensure your data stays secure.

So, what should you do if your phone has been hacked? Even better, how can you prevent hackers from gaining control of your devices in the first place? In this guide, we’ll answer these questions and more as we give you practical tips and insights to help you stay protected in the ever-evolving cybersecurity landscape.

What To Do if Your Phone Has Been Hacked

Antivirus software is a useful prevention tool, as it detects malware that hackers use to access devices remotely, but even if you hadn’t downloaded antivirus software prior to a hacking attempt, you can use antivirus software to kick a hacker out of your device.

There’s one condition, though: the hacker should have used malware to perform the attack. Hackers use a variety of methods to hack into systems, some of which can not be detected by malware. For example, there are customer support scammers that will get you to install a legitimate mirroring app on your device to gain remote access. If that’s the case, then you’ll need more than just antivirus software.

As we said, though, if the hacker who took control of your phone used malware, antivirus software can remove the infection and free your phone. Here’s how:

How To Remove a Hacker From Your Phone

1. Use antivirus software. When antivirus software detects a piece of malware, it quarantines it to prevent it from affecting the rest of your phone. Once quarantined, you can safely remove the infection and stop it from spreading. For this to work, though, your antivirus software has to be on and running in the background all the time.
2. Contact businesses. Contact any financial services or e-commerce businesses that have your credit card or bank account information, which is very sensitive information indeed. Find out which transactions you need to dispute with your bank and, in some cases, report for fraud.
3. Delete apps. If you see any apps on your phone that you didn’t download, delete them.
4. Factory-reset your phone. If, after doing all those things, you still believe someone else has taken control of your phone, your last resort is to factory-reset your device. Doing so removes all files and apps from your phone, but it ensures that whatever the hacker used to gain entry will also be removed.
   • iPhone:
     1. Go to Settings.
     2. Click “General.”
     3. Click “Reset.”
     4. Click “Erase All Content and Settings.”
     5. Enter your passcode or Apple ID password.1
   • Samsung Android version 5.0 or above:
     1. Click “Apps.”
     2. Click “Settings.”
     3. Click “Backup and Reset.”
     4. Choose “Factory Data Reset.”
     5. Choose “Reset Device.”
     6. Click “Erase Everything.”2
5. Change your passwords. Finally, change the passwords of any breached accounts — a good practice for whenever your login credentials are involved in a data breach.

How To Prevent Your Phone From Being Hacked

So, how do you prevent the nightmare from happening again? With just a few changes to your settings, you can greatly reduce the likelihood of your phone being hacked. Hallelujah!

1. Download antivirus software. Antivirus software works by scanning your phone for viruses and malware, then removing any threats to your device. However, not everyone needs antivirus on their mobile device — only Android users. Learn how to get rid of a virus on Android and what the best Android antivirus options are. iPhones and iPads don’t need antivirus software, though they can be hacked in other ways. Antivirus can stop hackers in many cases. Read our antivirus guide to learn more.
2. Connect to VPNs on public Wi-Fi networks. Public Wi-Fi networks are as convenient as they are insecure. However, VPNs make connecting to public Wi-Fi networks safe. VPNs hide your browsing history and hide your IP address, changing your IP address to hide your location. VPN apps are available for both iPhones and Androids; we recommend the best iPhone VPNs and the best Android VPNs. In some cases, VPNs can stop DDoS attacks, so they’re a great solution for hopping on public Wi-Fi.
3. Don’t jailbreak. Jailbreaking your iPhone gives you total control over it, from where you download apps to how you arrange your interface. Although we like control as much as anyone, jailbreaking an iPhone means missing out on Apple’s built-in security features, including malware scans. The same goes for Android users. Rooting an Android device is the equivalent of jailbreaking an iPhone, and unless you’re a security expert, we don’t suggest rooting your Android either.

   Note: For Android users, it’s not necessary to root your device to install apps from third parties. That said, it’s always best to install apps only through the Google Play Store.

4. Avoid phishing. Does something smell phishy? Maybe you got an email from an address you don’t recognize, or maybe you’re entering your login information on a site that doesn’t look quite right. Most antivirus software has protection against phishing, but if you’re unsure, your best bet is not to click on any unfamiliar links, emails, attachments, websites, or messages.
5. Use encryption. Whether or not you want to remain anonymous online, encryption is a great way to avoid hacking. Look for websites and apps that use end-to-end encryption, ideally the industry standard of 245-bit AES.
6. Only use trusted charging stations. One of the best things about living in the 21st century is public charging stations. God forbid we’re in public without a smartphone! However, these charging stations carry risks, like someone “juice jacking” your phone’s data through a USB drive. Hackers can easily access your phone’s data through the drive or even run malware. If possible, use an AC outlet instead of a USB charging port, as AC outlets only transmit power, not data. If only a USB is available, use a charge-only adapter or a data blocker. You’ll thank us later!
7. Set up phone locks and passcodes. Make sure that if you put your phone down for a certain amount of time, you need a passcode to open it back up. Here’s how to set up passcodes:
   • iPhone X or later:
     1. Click “Settings.”
     2. Click “Face ID & Passcode.”
     3. Click “Turn Passcode On.”
     4. Enter a six-digit passcode.
     5. Enter the passcode again to confirm and activate it.
   • Android:
     1. Click “Settings.”
     2. Click “Security.”
     3. Click “Screen Lock.”
     4. Choose “Standard Locks.”
     5. Choose “Password.”
     6. Enter more than four characters.
8. Add advanced authentication. Whenever it’s available, turn on biometric authentication, also known as multifactor authentication, or two-factor authentication (passcodes) to online accounts. Learn more in our authentication how-to guide.
9. Disable voice assistants on lock screen. Having Siri or Google Assistant available before you unlock your phone is convenient, but it’s not the greatest thing for security. Follow these steps to disable these voice assistants:
   • iPhone:
     1. Go to your phone’s Settings.
     2. Click “Face ID & Passcode” or “Touch ID & Passcode.”
     3. Turn off Siri.
   • Android:
     1. Say, “Hey Google, open Assistant settings” to your phone.
     2. Go to Settings.
     3. Click “Personalization.”
     4. Click “Personal Results.”
     5. Turn on “Lock Screen Personal Results.”
10. Turn on “find my phone.” If you haven’t set up a passcode, a lost phone is a surefire way to get hacked. Fortunately, if you have a passcode and a “find my phone” feature, losing your phone doesn’t mean it’s getting hacked.
    • iPhone:
      1. Go into Settings.
      2. Click your name.
      3. Click “Find My iPhone.”
      4. Turn on “Find My iPhone.”
    • Android:
      1. Go to Settings.
      2. Click “Security.”
      3. Click “Find My Device.”
      4. Turn on “Find My Device.”
11. Turn off autofill. Another convenient feature in many browsers is autofill, which fills out personal information like your name, address, and phone number. However, if your phone gets into the wrong hands, this personally identifiable information (PII) could make you vulnerable to identity theft, so it’s best to disable it on your mobile browsers. Below, we’ve listed the instructions for Safari, the default browser on iPhones, and Chrome, the default browser on Androids.
    • iPhone:
      1. Click “Settings.”
      2. Click “Safari.”
      3. Turn off “AutoFill Passwords.”
    • Android:
      1. Open the Google app.
      2. Tap “More.”
      3. Tap “Settings.”
      4. Tap “General.”
      5. Turn off “Autocomplete With Trending Searches.”
12. Limit app permissions. Go into your phone’s settings, click on different apps, and see what permissions they have. Is your Google Maps app tracking your location at all times? Can your dating app see your text messages? For the most privacy, limit permissions as much as you can on various mobile apps.
13. Disable location tracking. Location tracking is a particularly scary concept that’s all too common in mobile apps these days. With location tracking on, a hacker could potentially follow you around, which means the digital threat could turn into physical danger. Follow these steps to disable it:
    • iPhone:
      1. Click “Settings.”
      2. Click “Privacy.”
      3. Click “Location Services.”
      4. Toggle off “Location Services.”
    • Android:
      1. Swipe down on your Android’s screen.
      2. Touch and hold “Location.”
      3. Click “Advanced.”
      4. Click “Google Location Accuracy.”
      5. Turn off “Improve Location Accuracy.”
14. Turn off Wi-Fi. We’ve already mentioned the dangers of public Wi-Fi networks, but if your Wi-Fi is enabled by default, your phone may be joining networks without you knowing it. Instead, only use Wi-Fi on an ad hoc basis. Follow these steps to turn it off:
    • iPhone:
      1. Click “Settings.”
      2. Click “Wi-Fi.”
      3. Toggle Wi-Fi off.
    • Android:
      1. Swipe down on your Android’s screen.
      2. Touch and hold “Wi-Fi.”
      3. Turn off “Use Wi-Fi.”
15. Perform software updates. Software updates contain the latest security patches, so even though they may be annoying, perform them as soon as they’re available.
    • iPhone:
      1. Click “Settings.”
      2. Click “General.”
      3. Click “Software Update.”
      4. Click “Download and Install.”
      5. Click “Install.”
      6. Enter your passcode.
    • Android:
      1. Click “Settings.”
      2. Click “System.”
      3. Click “Advanced.”
      4. Click “System Update.”
16. Use secure passwords. The easiest way to protect your phone (and all of your other online accounts) is to use strong passwords. Each account should have a totally unique password.

What Is Phone Hacking?

Simply put, phone hacking is when anyone accesses a phone or communications without the owner’s consent. Phone hacking can occur through security breaches, theft or loss of the device, and brute-force attacks.

Signs Your Phone Has Been Hacked

Just how do you know if your phone has been hacked? You may notice these signs:

• Your phone loses charge quickly.
• Your phone is running slower than usual.
• You notice strange activity on your online accounts, like unfamiliar logins, new account signups, or password reset emails.
• You see unfamiliar calls or texts.
• You get more pop-ups than usual; this could be a sign of adware.
• Your phone has more data usage than normal.
• You notice unfamiliar apps.3

How Do Phones Get Hacked?

The reason we take so many precautions surrounding our phones is because hacks can happen in a lot of different ways. Here are a few examples:

• Phishing: Phishing messages lead to social engineering — i.e., asking people for their login credentials directly to gain access to computer systems. Phishing can happen not only through emails and text messages, but also through scam phone calls. If you get a strange text or email from someone you don’t know, don’t click on it; the same goes for messages on social media. Your mobile security will thank you!
• Brute-force attacks: Brute-force attacks are perhaps the most primitive hacking method, as hackers just guess at passwords until they log in correctly.
• Man-in-the-middle attacks: With this method, hackers intercept data packets as they travel between a sender and a receiver, “listening” for login credentials.4
• Physical access: Whether it’s a lost or stolen phone, if it doesn’t have a passcode, hacking is much easier.
• Programming-based hacking: Programming-based hacking requires the most technical knowledge; hackers find vulnerabilities in systems and give themselves full administrative privileges.

Can My Phone Get Hacked?

All of this sounds concerning, but you may be wondering, “Can my Android or iPhone get hacked?” The answer is, unfortunately, yes, both Androids and iPhones are susceptible to hacking.6 Sorry!

Who Hacks Phones?

You might be wondering, “What exactly do hackers accomplish by accessing other people’s phones?” A lot, actually. For one, hackers can use data stored on people’s phones to commit fraud and identity theft. Our phones contain intimate information about us, such as personal information, company and workplace files, account passwords, and even credit card information.

Recap

Anyone with a smartphone needs to be concerned about hacking. But with the right settings and best practices, you can guard yourself against most hacking attacks.

If you take one thing away from this article, it should be to set up a passcode on your phone. It only takes a few seconds, and it prevents most people from entering. Sometimes, the simplest solutions are also the most effective.