How to Tell If Your Phone Has Been Hacked
Could cybercriminals be infiltrating your bank account or stealing your identity right now? Here’s how to find out if your phone is under attack.
If you think that you’re not big enough of a target for a cybercriminal to hack your phone, think again. In 2019, the FBI’s Internet Crime Complaint Center (IC3) received an average of nearly 1,300 complaints every day and reported that individuals and U.S. businesses lost more than $3.5 billion to cybercrime. Between coronavirus scams and our growing dependence on Internet shopping, 2021 promises to have even higher damages. So, how can you tell if your phone is hacked?
There are a number of telltale signs that you’ve been hacked, and it is absolutely vital for individuals to stay aware and vigilant. From the perspective of hackers, our phones are an absolute treasure trove of data. “Our phones and computers are the two main communication devices we use every day,” explains George Waller, CEO of cybersecurity companies BlockSafe Technologies and StrikeForce Technologies. “Therefore, if someone hacks your phone, they would have access to the following information: email addresses and phone numbers (from your contacts list), pictures, videos, documents, and text messages.” Additionally, he warns, hackers can monitor every keystroke you type on the phone’s keyboard. “That means they can steal passwords, personal information, credit card information, bank information, as well as any corporate information.”
That’s as frightening and as dangerous as it sounds. Here’s what you need to know to protect yourself, your finances, and more.
How to tell if your phone is hacked
Between poor functionality and mysterious alerts and texts, there are several warning signs that you are under attack. Some of them are subtle and tempting to ignore, but it is in your best interest to investigate them all as soon as possible.
Your battery drains fast
If you find that your phone’s battery quickly loses power no matter how much you’ve charged it, that could be a sign that your iPhone or Android has been hacked, says Tim Lynch, PhD, president of Psychsoftpc.com. “Phone spyware is on all the time, so it uses a lot of power and drains your battery in the process,” he says. “If you consistently experience losing power, it is possible you have been hacked.” (If you haven’t been hacked and this is still happening, it’s one of the signs you need a new cell phone.)
Your phone is hot
“As well as the phone’s charge going down more quickly, a device feeling hot even when it hasn’t been in use is a possible sign that Internet data is being consumed more quickly than usual,” notes Ray Walsh, a digital privacy expert at ProPrivacy. “If consumers notice that they keep exceeding their data limits, someone may be ‘piggybacking’ on their sessions.”
You’re experiencing poor overall performance
Is your phone suddenly loading pages much more slowly or crashing all the time? First, try shutting it down, advises security expert Robert Siciliano, CEO of Safr.Me, and watch what happens next. “Phones that have been hacked often won’t shut down correctly or never shut down, even though you tell them to.”
Also, note if the timing in other functionalities on your iPhone or Android seems off. “Delays in sending and receiving texts, making phone calls, checking voicemails—all of these things should not take too long, yet they will when and if a phone hack has taken place,” says Alexis Moore, author of Surviving a Cyberstalker. “These are the easiest to pick up on yet the most difficult today in the cyber age, because everyone is rushing and multitasking and not paying close enough attention to pick up these subtle details.”
There’s an overall spike in data usage
Use an app like Data Usage (available for Android and iOS) to monitor how much data is being sent out from your device. “Look for anomalies or exceptionally large periods of uploading,” says Allan N. Buxton, lead forensic examiner at Secure Forensics. “Most users are fairly consistent in their monthly activities. A large spike or increase in uploaded data that persists without a real-world explanation could be an indicator that monitoring has been installed.”
You learn about calls/texts you didn’t make
Mobile expert Rob Webber, the CEO and founder of MoneySavingPro.com, explains: “You might also notice calls and texts that you haven’t sent to numbers in your list of contacts. Ensure that you monitor this activity closely, as some of these could be premium-rate numbers that malware is forcing your phone to contact—with all the proceeds landing in the pocket of the person who has compromised your phone.”
You get spammy pop-ups
“Another sign of a compromised smartphone is spammy pop-ups or weird screensavers,” notes Webber. “While not all pop-ups indicate that your phone has been infiltrated, an increasingly high number of pop-ups could be a sign that your phone has been infected with a form of malware called adware, which forces devices to view specific sites that drive revenue through clicks.” (Find out how to stop spam texts on an iPhone or Android.)
New apps are appearing on your screen
Beware of new apps that pop up on your screen or within your iPhone’s settings. “Always check to see which apps are running, and, if anything seems untoward, check to see if an app that is draining the battery is known to contain malware or other malicious exploits,” advises Walsh.
You notice unusual activity with your accounts
Weird behaviour on your Gmail or iCloud is a very common sign of a malicious hack and presents a very serious risk to your data, warns Matthew Woodley of Woodley Digital Marketing. “Both of these services keep a lot of information about you, such as passwords, photos, your current location, messages, and calls.” Cybercriminals have been known to hold your photos for ransom, and your email address is likely the backup for every online account you have. “With enough information in your email, it would be easy to steal your identity,” says Woodley.
So, what qualifies as weird behaviour? “Watch for emails about password resets you didn’t make, or security messages notifying you that your email or social media account has been accessed using a new device, or verification emails saying that you have signed up to new accounts that you are unfamiliar with,” says Webber. These are all signs that your iPhone or Android has been hacked. (Find out how to spot Apple ID phishing scams.)
You’ve lost your signal
This is a scary one. You receive a text message or an email notification from your mobile carrier about an account change you didn’t make, and 30 minutes later, your cell phone has no signal, even after a reboot. You also can’t log into your email, and you’re locked out of your bank account.
“This is called a number porting attack, and it’s effective against Androids and iPhones on all mobile carriers,” explains Kayne McGladrey, Director of Security and Information Technology at Pensar Development. “If you think you’re a victim of a number porting attack, you should immediately call the police and let them know that your mobile number has been ported out and that you’re a victim of identity theft. You must call your mobile provider, of course, and may need to show them a police report to prove that you are a victim of identity theft.”
Ways your phone can be hacked
Now that you know how to tell if your phone is hacked, you’re probably wondering how it can happen. There are a number of points of entry unsuspecting iPhone users are susceptible to. Be vigilant about avoiding these activities that can open you up to attack.
You clicked a weird link in a text
Phishing is a scam in which a user is duped into revealing confidential information. “It could be a text claiming to be from your mom, friend, or someone you know asking you to open maybe a pdf file or a photo. Once it is opened, a Trojan [horse program] embedded in the file corrupts your entire system or you grant them access to steal your files,” says cyber expert Emmanuel Eze from TechCopp.com.
A common follow-up to the initial hack could be a message from an unknown party demanding money and stating they will release pictures and messages they stole from your phone, notes Waller. To protect yourself from such an attack, never click on a suspicious link or attachment unless you are certain it came from a trusted source. If in doubt, delete it. By the way, here’s the difference between phishing and smishing.
You used a public charging station
When you’re away from home, avoid using the USB port and only use the AC charging port to juice up your phone. Hackers have been able to hide mini-computers and malware inside public chargers and even public USB cables. “Malicious charging stations take advantage of the fact that USB is used for both transferring files and charging,” says Eze. “Some hackers can monitor your every keystroke while plugged in, so you think you’re charging while you’re being hacked. So don’t hurry to plug in your phone on any outlet you see.” (For the same reason, you should never charge your phone in a rental car.)
You downloaded a malicious app
“This is becoming a bigger problem for consumers, as criminals are hiding mobile malware or malicious capabilities inside of apps that appear legitimate or may even perform some legitimate service, like a mobile game,” says Alex Hamerstone, GRC practice lead at TrustedSec. “Google Play is more likely to have infected apps than Apple’s App Store because Google does not vet these apps as vigorously.”
Your phone was left unattended in public
Never leave your device unattended in public, implores Gary Davis, Chief Consumer Security Evangelist at McAfee. “While many threats exist online, you still have to be aware of real-world threats, like someone grabbing your device when you’re not looking,” he warns. “Keep your smartphone on you, or within view, while in public. If you have a ‘phone visibility’ option, turn it off. This setting allows nearby devices to see your phone and exchange data with it. Also, remember not to save passwords or log-in information for banking apps and other sensitive accounts. You don’t want a hacker to be able to automatically log in as you if they do gain access to your device.”
You’ve been lazy with passwords
Bad password hygiene can be a huge problem, says Thomas Reed, Director of Mac and Mobile at Malwarebytes. “If someone’s iCloud account is hacked, the hacker would be able to see where all their devices are, see all their data stored on iCloud, lock their devices via anti-theft features, etc. This kind of thing generally happens when a person reuses a password on multiple sites and one of those sites is compromised. The best way to prevent that is to use unique passwords on every site, which are stored in a password manager, and enabling two-factor authentication on every account possible.” FYI, if you use any of these weak passwords, change them immediately.
You’ve used free Wi-Fi
Free and unsecured Wi-Fi at your local coffee shop is convenient for you—and for hackers. “Unfortunately, it’s easy for someone to spy on everything you do on there,” says Woodley. “If you are going to use unsecured Wi-Fi, the best way to do it is to use a VPN (virtual private network) service to keep your connection secure. These are inexpensive and keep you safe. If you’re not going to do that, then be sure to never sign onto a bank website, and try to stay off your email as well. If you are going to check your email, always watch the address bar. Is the website correct? The website should say ‘https://’ instead of ‘http://’ as that added ‘s’ indicates a secure connection. There should also be a green lock symbol next to the URL. If you don’t have those indicators of a secure connection, do not put in any of your log-in information.” (Find out 14 more things you should never do when using public Wi-Fi.)
What to do if your phone has been hacked
If you suspect that your iPhone has been hacked, don’t panic. All is not lost, and there are steps you should immediately take to prevent extensive damage. Matt Wilson, Chief Information Security Advisor at BTB Security, advises taking these steps:
Change important passwords. However, the key point here is to not do it from the device you believe to be compromised or you could give the bad guys your new password.
Enable multi-factor authentication. Actually, everyone should do this now, wherever they can, and not wait for a compromised device. Many popular apps and services allow this (including Facebook, Google, and major banks). While it doesn’t necessarily help you once your device is compromised, doing so now lessens the impact if your device gets hit. The steps will vary on different apps and devices, but the best starting point is to look in Settings or System Preferences for Security. On the iPhone, if you’re using iOS 10.3 or later, enable 2FA for your Apple ID by going to Settings > [Your Name] > Password & Security.
Restore your device. This process allows you to wipe your device clean, then restore your data from Cloud storage. It can be a challenge, but it’s far easier today than it has ever been. The exact steps depend on your device, but Apple and Google have straightforward and easily discovered directions for backing up (something else you should do regularly!) and restoring your iPhone or Android.
Aside from these security protocols, you’ll need to check your bank accounts and credit cards. If you see suspicious activity, contact your financial institution immediately. Alert them to lock your account, and learn the necessary steps to recoup your losses. Most major institutions will cover fraudulent charges if reported within 60 days of the attack.
Next, find out the password mistakes hackers hope you’ll make.