We may earn commissions when you buy from links on our site. Why you can trust us.

Does a Pop-up Mean Your Phone Has Been Hacked?

by Natasha Stokes on May 24, 2024

You might have experienced this: You're browsing the web on your phone and a pop-up window appears on the screen, claiming you’ve won a prize or that you have a virus and you need to call a tech support number. Or maybe they're just annoying pop-up ads that won't go away. What gives? Has your phone been hacked or infected with malware?

Though it’s possible that your phone has been hacked, it’s unlikely this would cause a rash of popups. Most people would never know their phone has been hacked until they see evidence of their personal data being made use of, such as charges to their bank account or new lines of credit opened in their name. This is because a hacker will run a script to scan the phone for user data and collect that without showing any evidence of having done so. The longer you're in the dark, the more time the hacker has to use your data.

However, there are several other reasons for an unasked-for window pops up on your phone. And yes, some of them are malicious. Here’s how to stop them.

Concept drawing of a phone with a pop-up.

Fake virus alerts

A common scam circulating among both Android and iOS users is the fake virus alert, a pop-up window that tells the user their device is infected. These alerts often look as if they are coming from Google or Apple and usually contain a ‘Remove Virus’ button linking you to a supposed security app or a phone number to call for help. The aim, of course, is to scare the user into downloading malware or, in the case of a phone number, revealing valuable personal information to ‘tech support’.

How to fix it when you get a fake virus alert

Shut down the browser window or tab. Be wary of popups or bad ads that may have fake buttons that resemble the usual close button – if clicked, you could end up downloading malware. It’s best to avoid interacting with the alert at all.

Alternately, if your browser isn't locked up, you can simply navigate away from the site, by tapping in a new URL in the toolbar. If you still get the alert, check what webpage you were browsing and consider avoiding it for a while – it may have been hacked in order to push these malicious alerts.

How to prevent fake virus alerts

You can prevent these alerts from occurring in the first place by turning on popup blockers in your browser.

On Android, open Chrome and head to Settings > Site (or Content) Settings > Block Pop-ups.

For iPhone users, open iOS Settings > Safari and toggle on Block Pop-ups and also toggle on Fraudulent Website Warning.

Hijacking websites via malicious advertising

Unfortunately, there’s also a chance that pop-up you saw is part of a trend for ‘malvertising’ – where malware makes it into ad networks and are distributed among the network’s myriad sites.

Even reputable sites, such as the New York Times and BBC, can be hijacked through ads without site admins realizing it. Hijacked sites may also redirect you to webpages you never clicked on or even install malware through drive-by downloads. These pop-ups and misdirects can continue to plague your browsing experience on that site (and other sites that use the same ad network) until the malicious advertiser is removed from the network.

Over the last decade, we've spotted this issue on Techlicious a couple of times. We quickly contacted the associated ad network and were able to have the ads removed quickly.

What to do when you browse to a hijacked website

First, make sure you never enter any information asked for in a popup, or a website that you didn’t specifically navigate to.
Shut down your browser if the popups that redirect your to another site keep happening
On iOS, half swipe up on your iOS device (or double tap your Home button) to see all open apps, then slide your browser app away.
On Android, tap the rightmost square to see all open apps, then flick away the browser app.

Always keep your web browser updated. Regular updates often contain security patches that address vulnerabilities exploited by malvertising campaigns.

Adware infection

If your smartphone browser continues to pop up alerts despite taking the above precautions, it’s possible your phone is already infected with a type of malware called adware. Adware causes advertisements to pop up on the infected phone, forcing users to view particular pages that earn revenue based on clicks. It can also pop up advertisements for downloadable content such as games, which, if installed, can have even greater consequences for users’ data and finances.

Malware can land on phones through downloading bad apps or by surfing to a website compromised by ‘drive-by downloads’ that allow malware to install itself on a user’s device without the user having clicked on anything.

How to remove adware infection

To rid your Android phone of malware, the easiest way is to run an antivirus scan with one of our recommended mobile security apps, such as Avast, Bitdefender, Norton, McAfee, and AVG.

If using a mobile security app to remove the adware doesn’t sort out your pop-up problem, you may need to do a factory reset that will clear your phone of all data – including the problematic app and malware. Make sure your data is backed up before your reset your phone.

How to factory reset your phone

To reset your iPhone, head to Settings > General > Reset and then select Erase All Content and Settings.

To reset your Android phone, head to Settings > System > Reset Options > Erase all data.

Once you’re cleared, you can focus on prevention: always update your browser and your smartphone OS. Updates usually patch vulnerabilities that can be exploited by malware.

Obnoxious ads

We’ve all seen and heard them – huge banners, sneaky auto-playing music, and unasked for pop-up windows are all examples of intrusive ads that disrupt users’ browsing experiences while providing zero benefit to their purveyor. After all, if you’re not liking, you’re not clicking.

How to turn on ad blocking for Android

The Chrome browser for Android has a pop-up- and ad-blocker that selectively prevents intrusive ads from displaying, using the standards set by the Coalition for Better Ads. This should be on by default, but if you’re still getting obnoxious pop-ups and/or ads, head into Settings > Site Settings and tap on ‘Pop-ups and redirects’ and ‘Ads’ to disable them from displaying. Note that the blocker doesn’t block all ads – only the irritating ones.

How to turn on ad blocking for iPhones

iPhone users can avoid pop-ups in Safari and Chrome. For the Safari app, head into the main Settings app > Safari and toggle on Block Pop-ups. In the Chrome app, go to Settings> Content settings > Block Pop-ups; for Safari.

You might also want to check out an ad blocker app, like AdGuard (Free). Once downloaded, you can enable them in Settings > Safari > Extensions and toggle on the filters you want to have on.

Website notifications

The most innocuous reason for a popup is that you have allowed a website to push alerts. Sites often request permission to push alerts of new posts, and you may have agreed at some point. Safari on iPhones doesn't allow push notifications, but Chrome on iPhone and Android does.

How to turn off website notifications in Chrome

On Chrome, tap the three dots in the top right, then Settings > Notifications > Sites, where you’ll see a list of sites that can send alerts. You can uncheck certain sites or disable them all from showing notifications.

Updated on 5/24/2024 with current instructions on handling pop-ups

[Image credit: smartphone with popup ad via BigStockPhoto]

Natasha Stokes has been a technology writer for more than 10 years covering consumer tech issues, digital privacy and cybersecurity. As the features editor at TOP10VPN, she covered online censorship and surveillance that impact the lives of people around the world. Her work has also appeared on NBC News, BBC Worldwide, CNN, Time and Travel+Leisure.

Topics

Privacy, Phones and Mobile, Mobile Apps, Android Apps, iPhone/iPad Apps, Computer Safety & Support, Tips & How-Tos

Discussion

From Mark on April 30, 2020 :: 7:11 am

I am close my home phone and my route down because of
php is hacking my accounts worded what would happen when they use their cctv

From Jaze on January 21, 2021 :: 8:14 pm

My iPad just said “your iPad may be hacked” and something like “ your info could be given to a cyber hacker”, and it told me to download something in less than 30 seconds. I closed out of it as stupid as I was, and then searched up “your iPad may be hacked how to fix it” and I came here. If it is real please give advice. IF YOU SEE THIS PLEASE RESPOND! I did that in caps so you and others might see this.

From Josh Kirschner on January 22, 2021 :: 11:37 am

That is clearly a fake popup warning like what we describe above. You did the right thing by ignoring it and not downloading anything.

From Ibrahim on February 21, 2021 :: 11:49 am

Is Spy Block Online Protection is a genuine app from apple or is it part of the scam?

From Josh Kirschner on February 21, 2021 :: 12:18 pm

If you’re seeing a scareware popup for an app you don’t have installed, it is likely part of the scam. It doesn’t necessarily mean the app itself is involved in the scam, sometimes third-parties create these scams to generate affiliate commissions.

From Victoria Zermeno on March 20, 2021 :: 7:17 pm

I downloaded the app it told me to am I in trouble?

From Josh Kirschner on March 21, 2021 :: 10:08 pm

Most of these apps are harmless, their goal is to scare you into paying money for the subscription. But there’s no way to know for sure, so it’s a good idea to delete it as soon as possible - you’re probably ok after that.

From Rainier conoman on February 24, 2021 :: 2:44 am

I’m aware my phone is hacked for other reasons.please recommend how to track the hacker..TY..

From hacked phone??. on April 12, 2021 :: 3:04 pm

i went to a website on my phone and then the message “your apple iphone has been hacked, all operations on your device is being tracked by the hacker. immediate action is required!” it then led me to a link in the appstore for me to download something. is it fake or real?

From Josh Kirschner on April 17, 2021 :: 4:19 pm

Completely and utterly fake scam popup.

From ML on April 23, 2021 :: 4:29 pm

Hey there, same thing with the fake virus you’ve been hacked do something fast blabla happened to me randomly clicking on some pinterest link for a bag smh but I did get scared and since it looked so official I did download some prime ware or whatever antivirus app and typed in my apple password when downloading it from the apple store I got redirected to howevee thankfully my friend showed me its fake so I didn’t pay them or type my credit card and I deleted the app aprox 5-10min later. I also changed my apple ID pass, I hope I’m not in trouble now for my data?

From SR on May 18, 2021 :: 3:49 am

Hi,
I had a message on my iphone last week which said my spotify account may have been compromised and then my phone password screen came on so I put in the password, then I immediately realised I’d made a mistake as I don’t have spotify and so I changed the password straight away, but now worried my phone’s been hacked but I can’t tell. Any advice much appreciated. Thanks.

From Josh Kirschner on May 20, 2021 :: 10:20 am

My concern is that, by entering your password, you gave permission for an app to be downloaded onto your device. I would run a full scan using one of the antimalware options we link to in the story above.

If you entered your Google or iCloud password, and not your phone password, you should immediately change those.

From Radha on May 18, 2021 :: 1:55 pm

I have forwarded a message to some people saying that we will win an Amazon gift if we sent some message so I did same. At last I got a message like your iPhone is hacked. Wat I have to do now?

From Josh Kirschner on May 20, 2021 :: 10:23 am

While the Amazon gift card thing is clearly a hoax or scam (which you should not have forwarded), it is likely just coincidental that you later received a popup saying your phone is hacked. Though I suppose it is possible through ad targeting that they could be popping up those fake iPhone hacked ads to those who interacted with the fake Amazon gift card message as a way of targeting people they already know to be susceptible to obvious scams.

From R.M. on May 29, 2021 :: 11:48 pm

I went on a website that said a hacker had access to my phone camera, and later it said my phone had been hijacked. I closed the website, were those popups just trying to scare me or something?

From Josh Kirschner on June 01, 2021 :: 6:56 pm

Yes, those popups were trying to scare you. Don’t visit that website again

From N Beresford on June 08, 2021 :: 3:10 am

I’ve had pop ups on my phone saying my iPhone has been hacked plus has a virus. It doesn’t tell me to download anything at all. In my calendar it shows that on the hr every hr my phones hacked. Is this something worth worrying about?

From Josh Kirschner on June 08, 2021 :: 10:34 am

This sounds like standard scareware. If the message isn’t asking you to download something, what is it asking you to do?

From N beresford on June 08, 2021 :: 6:00 pm

All it is is a https address underneath where it says I been hacked

From Josh Kirschner on June 09, 2021 :: 9:04 am

Sounds like there is a link to a page that will try to sell you something or install actual malware. That is a clear scareware scam.

From Jon on June 09, 2021 :: 1:09 pm

Iv been hacked & told that if I don’t record myself doing a naked dance & send it to them they will then empty my bank account. Not sure wot to do as I’m a lousy dancer. Any advice on dance moves would b appreciated

From Thea on August 26, 2021 :: 6:12 am

I’ve had a notification pop up on my iPhone saying I’ve been hacked is this true and how do I stop it

From Ray on April 26, 2022 :: 6:10 pm

I was watching anime and suddenly my website changed and the new website said I have a Trojan virus on my phone so I need to download an apple appstore app in two minutes. What is this and is it bad

From Josh Kirschner on April 27, 2022 :: 8:52 am

That’s is the exact scam we describe above. You will ever receive actual virus warnings from web popups.

From Allisson Arias on June 08, 2022 :: 7:05 pm

So I was on twitter and I clicked a image I didn’t mean to click and it pop up a other link it said this iPhone has been hacked and am scared am I hacked ?

From Josh Kirschner on June 10, 2022 :: 11:35 am

We’ve been very clear that windows popping up saying you’re hacked are scareware.

From Tamara cook on September 09, 2022 :: 3:41 pm

Please help me get.Dave Clancey off my device he has my information and using my device and stealing my winnings saying I am donating money and taken am not doing that at all

From Maahee on October 19, 2022 :: 9:28 am

I want to heck

From Steven E on November 25, 2022 :: 8:23 pm

My gf knows my texts how do I stop it

From Accidentally Downloaded Anti-Virus Software on May 16, 2023 :: 2:33 am

I ended up downloading something called McAfee Software because a pop up said the subscription expired as well as that I had a virus. Now I’m trying to cancel said subscription (I instead now have NordVPN) but I know nothing about computers so I believed it and got the subscription as I now believe that was a scam.

The app is real though (I looked it up) so no real problem it did spook me though, so now I’m regretting several life decisions.

From Josh Kirschner on May 16, 2023 :: 10:30 am

If you called a number on a popup saying you had a virus, that is almost certainly a scam, not the real McAfee. Call you credit card company, explain what happened, and dispute the charges.

Note that NordVPN is not antimalware. It has some antimalware download protection features, but is not a real-time antimalware scanner. If you have Microsoft Defender turned on in your settings, that’s pretty good, though since you have a history of scams, you may want to get a more comprehensive online protection package, like Bitdefender Total Security.

From Tiffany on May 17, 2023 :: 12:49 pm

Those apps didn’t pick up anything on my phone. Only one app has and within minutes it stop detecting it someone help me set up my phone they can get into my account to the point that I nor the phone company can even get into it of course till it’s time to pay my bill. I know who’s doing it I don’t understand why other then to drive me crazy. He can download apps turn on times to grey out stuff without it being detect. Mess with my api apn, everything even change my phone service. Take over my data he’s messed up my wifi box. This has went on for a while Chester will be here and there until it’s gotten worse and worse I can reset the phone and it don’t work I bought new phones and it sounds crazy but they have had the data hijacked on them before I got even got minutes on them. Idk what to do anymore I can’t get help I’ve lost mine & my kids doctor’s, ssi it’s crazy.

From Joy on August 19, 2023 :: 10:27 pm

Hack

From Chris on October 05, 2023 :: 8:38 am

Really my mobile has even started to stop working because of the many ads which are poping up on the screen kindly I need your help because I have tried but failed thank
You