Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | CES 2019Browse the Web Anonymously | Complete Guide to Facebook Privacy

Use It

author photo

How to Tell if Your Phone Has Been Hacked

by on February 09, 2017
in Privacy, Phones and Mobile, Mobile Apps, Tips & How-Tos :: 229 comments

How to Tell if Your Phone Has Been Hacked

By now, government spying is such a common refrain that we may have become desensitized to the notion that the NSA taps our phone calls or the FBI can hack our computers whenever it wants. Yet there are other technological means – and motives – for hackers, criminals and even the people we know, such as a spouse or employer, to hack into our phones and invade our privacy.

From targeted breaches and vendetta-fueled snooping to opportunistic land grabs for the data of the unsuspecting, here are seven ways someone could be spying on your cell phone – and what you can do about it.

1. Spy apps

There is a glut of phone monitoring apps designed to covertly track someone’s location and snoop on their communications. Many are advertised to suspicious partners or distrustful employers, but still more are marketed as a legitimate tool for safety-concerned parents to keep tabs on their kids. Such apps can be used to remotely view text messages, emails, internet history, and photos; log phone calls and GPS locations; some may even hijack the phone’s mic to record conversations made in person. Basically, almost anything a hacker could possible want to do with your phone, these apps would allow.

And this isn’t just empty rhetoric. When we studied cell phone spying apps back in 2013, we found they could do everything they promised. Worse, they were easy for anyone to install, and the person who was being spied on would be none the wiser that there every move was being tracked.

“There aren’t too many indicators of a hidden spy app – you might see more internet traffic on your bill, or your battery life may be shorter than usual because the app is reporting back to a third-party,” says Chester Wisniewski, principal research scientist at security firm Sophos.

Likelihood

Spy apps are available on Google Play, as well as non-official stores for iOS and Android apps, making it pretty easy for anyone with access to your phone (and a motive) to download one.

How to protect yourself

  • Since installing spy apps require physical access to your device, putting a passcode on your phone greatly reduces the chances of someone being able to access your phone in the first place. And since spy apps are often installed by someone close to you (think spouse or significant other), pick a code that won’t be guessed by anyone else.
  • Go through your apps list for ones you don’t recognize.
  • Don’t jailbreak your iPhone. “If a device isn’t jailbroken, all apps show up,” says Wisniewski. “If it is jailbroken, spy apps are able to hide deep in the device, and whether security software can find it depends on the sophistication of the spy app [because security software scans for known malware].”
  • For iPhones, ensuring you phone isn’t jailbroken also prevents anyone from downloading a spy app to your phone, since such software – which tampers with system-level functions - doesn’t make it onto the App Store.
  • Android users can download a mobile security app that will flag malicious programs. There isn’t the same type of mobile security apps for iOS, due to App Store restrictions, though Lookout Security and Sophos will alert you if your iPhone has been jailbroken.

2. Phishing by message

Whether it’s a text claiming to be from your financial institution, or a friend exhorting you to check out this photo of you last night, SMSes containing deceptive links that aim to scrape sensitive information (otherwise known as phishing or “smishing”) continue to make the rounds.

Android phones may also fall prey to messages with links to download malicious apps. (The same scam isn’t prevalent for iPhones, which are commonly non-jailbroken and therefore can’t download apps from anywhere except the App Store.)

Such malicious apps may expose a user’s phone data, or contain a phishing overlay designed to steal login information from targeted apps – for example, a user’s bank or email app.

Likelihood

Quite likely. Though people have learned to be skeptical of emails asking them to “click to see this funny video!”, security lab Kaspersky notes that they tend to be less wary on their phones.

How to protect yourself

  • Keep in mind how you usually verify your identity with various accounts – for example, your bank will never ask you to input your full password or PIN.
  • Avoid clicking links from numbers you don’t know, or in curiously vague messages from friends, especially if you can’t see the full URL.
  • If you do click on the link and end up downloading an app, your Android phone should notify you. Delete the app and/or run a mobile security scan.

3. SS7 global phone network vulnerability

Nearly two years ago, it was discovered that a communication protocol for mobile networks across the world, Signalling System No 7 (SS7), has a vulnerability that lets hackers spy on text messages, phone calls and locations, armed only with someone’s mobile phone number. An added concern is that text message is a common means to receive two-factor authentication codes from, say, email services or financial institutions – if these are intercepted, an enterprising hacker could access protected accounts, wrecking financial and personal havoc.

According to security researcher Karsten Nohl, law enforcement and intelligence agencies use the exploit to intercept cell phone data, and hence don’t necessarily have great incentive to seeing that it gets patched.

Likelihood

Extremely unlikely, unless you’re a political leader, CEO or other person whose communications could hold high worth for criminals. Journalists or dissidents travelling in politically restless countries may be at an elevated risk for phone tapping.

How to protect yourself

  • Use an end-to-end encrypted message service that works over the internet (thus bypassing the SS7 protocol), says Wisniewski. WhatsApp (free, iOS/Android), Signal (free, iOS/Android) and Wickr Me (free, iOS/Android) all encrypt messages and calls, preventing anyone from intercepting or interfering with your communications.
  • Be aware that if you are in a potentially targeted group your phone conversations could be monitored and act accordingly.

4. Snooping via open Wi-Fi networks

Thought that password-free Wi-Fi network with full signal bars was too good to be true? It might just be. Eavesdroppers on an unsecured Wi-Fi network can view all its unencrypted traffic. And nefarious public hotspots can redirect you to lookalike banking or email sites designed to capture your username and password. And it’s not necessarily a shifty manager of the establishment you’re frequenting. For example, someone physically across the road from a popular coffee chain could set up a login-free Wi-Fi network named after the café, in hopes of catching useful login details for sale or identity theft.

Likelihood

Any tech-savvy person could potentially download the necessary software to intercept and analyze Wi-Fi traffic – including your neighbor having a laugh at your expense (you weren’t browsing NSFW websites again, were you?).

How to protect yourself

  • Only use secured networks where all traffic is encrypted by default during transmission to prevent others from snooping on your Wi-Fi signal.
  • Download a VPN app to encrypt your smartphone traffic. SurfEasy VPN (iOS, Android) provides 500MB of traffic free, after which it’s $2.99/month.
  • If you must connect to a public network and don’t have a VPN app, avoid entering in login details for banking sites or email. If you can’t avoid it, ensure the URL in your browser address bar is the correct one. And never enter private information unless you have a secure connection to the other site (look for “https” in the URL and a green lock icon in the address bar).

5. Unauthorized access to iCloud or Google account

Hacked iCloud and Google accounts offer access to an astounding amount of information backed up from your smartphone – photos, phonebooks, current location, messages, call logs and in the case of the iCloud Keychain, saved passwords to email accounts, browsers and other apps. And there are spyware sellers out there who specifically market their products against these vulnerabilities.

Online criminals may not find much value in the photos of regular folk – unlike nude pictures of celebrities that are quickly leaked– but they know the owners of the photos do, says Wisniewski, which can lead to accounts and their content being held digitally hostage unless victims pay a ransom.

Additionally, a cracked Google account means a cracked Gmail, the primary email for many users.

Having access to a primary email can lead to domino-effect hacking of all the accounts that email is linked to – from your Facebook account to your mobile carrier account, paving the way for a depth of identity theft that would seriously compromise your credit.

Likelihood

“This is a big risk. All an attacker needs is an email address; not access to the phone, nor the phone number,” Wisniewski says. If you happen to use your name in your email address, your primary email address to sign up for iCloud/Google, and a weak password that incorporates personally identifiable information, it wouldn’t be difficult for a hacker who can easily glean such information from social networks or search engines.

How to protect yourself

  • Create a strong password for these key accounts (and as always, your email).
  • Enable login notifications so you’re aware of sign-ins from new computers or locations.
  • Enable two-factor authentication so that even if someone discovers your password they can’t access your account without access to your phone.
  • To prevent someone resetting your password, lie when setting up password security questions. You would be amazed how many security questions rely on information that is easily available on the Internet or is widely known by your family and friends.

6. Malicious charging stations

Well-chosen for a time when smartphones barely last the day and Google is the main way to not get lost, this hack leverages our ubiquitous need for juicing our phone battery, malware be damned. Malicious charging stations – including malware-loaded computers – take advantage of the fact that standard USB cables transfer data as well as charge battery. Older Android phones may even automatically mount the hard drive upon connection to any computer, exposing its data to an unscrupulous owner.

Security researchers have also shown it’s possible to hijack the video-out feature on most recent phones so that when plugged into a malicious charge hub, a hacker can monitor every keystroke, including passwords and sensitive data.

Likelihood

Low. There are no widely known instances of hackers exploiting the video-out function, while newer Android phones ask for permission to load their hard drive when plugged into a new computer; iPhones request a PIN. However, new vulnerabilities may be discovered.

How to protect yourself

  • Don’t plug into unknown devices; bring a wall charger. You might want to invest in a charge-only USB cable like PortaPow ($6.99 on Amazon)
  • If a public computer is your only option to revive a dead battery, select the “Charge only” option (Android phones) if you get a pop-up when you plug in, or deny access from the other computer (iPhone).

7. FBI’s StingRay (and other fake cellular towers)

An ongoing initiative by the FBI to tap phones in the course of criminal investigations (or indeed, peaceful protests) involves the use of cellular surveillance devices (the eponymous StingRays) that mimic bona fide network towers.

StingRays, and similar pretender wireless carrier towers, force nearby cell phones to drop their existing carrier connection to connect to the StingRay instead, allowing the device’s operators to monitor calls and texts made by these phones, their movements, and the numbers of who they text and call.

As StingRays have a radius of about 1km, an attempt to monitor a suspect’s phone in a crowded city center could amount to tens of thousands of phones being tapped.

Until late 2015, warrants weren’t required for StingRay-enabled cellphone tracking; currently, around a dozen states outlaw the use of eavesdropping tech unless in criminal investigations, yet many agencies don’t obtain warrants for their use.

Likelihood

While the average citizen isn’t the target of a StingRay operation, it’s impossible to know what is done with extraneous data captured from non-targets, thanks to tight-lipped federal agencies.

How to protect yourself

  • Use encrypted messaging and voice call apps, particularly if you enter a situation that could be of government interest, such as a protest. Signal (free, iOS/Android) and Wickr Me (free, iOS/Android) both encrypt messages and calls, preventing anyone from intercepting or interfering with your communications. Most encryption in use today isn’t breakable, says Wisniewski, and a single phone call would take 10-15 years to decrypt.

“The challenging thing is, what the police have legal power to do, hackers can do the same,” Wisniewski says. “We’re no longer in the realm of technology that costs millions and which only the military have access to. Individuals with intent to interfere with communications have the ability to do so.”

From security insiders to less tech-savvy folk, many are already moving away from traditional, unencrypted communications – and perhaps in several years, it’ll be unthinkable that we ever allowed our private conversations and information to fly through the ether unprotected.

[image credit: hacker smartphone concept via BigStockPhoto]



Discussion loading

gravatar

Is anyone can hack our

From Ashish sharma on June 16, 2018 :: 4:31 pm

Is anyone can hack our mobile by knowing only our contact number..??
If yes…then how we can protect our phone..

Reply

avatar

That's not quite correct

From Josh Kirschner on June 20, 2018 :: 4:10 pm

No one can “hack” your phone just by knowing your contact number (Well, okay, it’s theoretically possible, but would likely involve a national spy/police agency specifically targeting your device in conjunction with a device manufacturer. Let’s assume you’re not that major crime figure or high profile politician). You could be “monitored” with the SS7 vulnerability or StingRay. But that’s likely to only be used by spy agencies/law enforcement on specific targets.

None of those threats are things that should keep normal people up at night. But if they do, we provide ways to protect yourself in the article above.

Reply

gravatar

facebook messenger customer service

From shiwakant mishra on June 21, 2018 :: 4:23 am

The time when i had got forgotten my facebook password
and also security questions I tried everything but not got
solution at last i had contacted to facebook
professionals and finally recovered my facebook account,

Reply

gravatar

HELP!!!

From Ala on June 26, 2018 :: 6:40 pm

I was trying to watch a movie when I was taken to this weird link that showed an explicit image and said my phone has been hacked. It kept trying to call me and it would not let me click the home button to leave the site. Finally I just restarted my phone. What should I do? Was I really hacked?

Reply

avatar

No, you weren't hacked

From Josh Kirschner on July 03, 2018 :: 1:12 pm

From the description, it sounds like you experienced a malicious ad redirect, not a hack. This is a method where unscrupulous companies exploit the JavaScript used to serve ads on websites which can redirect the user to another site or create those annoying pop-ups that can’t be closed. If the scammer site isn’t letting you leave, the easiest thing to to is to just close the browser tab - no need to restart your phone.

While you’re more likely to experience this on questionable sites which use shady ad networks, it can happen on any site, including ours, if some evil-doer manages to get past to ad screening for Google Adsense or another major ad network used by major publications.

Reply

Help me please.

From Richard Trekell on June 27, 2018 :: 9:10 am

My phone is acting really weird. I think it must of been hacked can u help me?

Reply

gravatar

Hacked help

From Jayson Collin Underwood on July 02, 2018 :: 7:34 am

So I have noticed all
Of a sudden there is a clicking sound through out every phone call this has never happened before
I keep turning find my iPhone and every time I go back into it it’s always switched on
I have noticed recently that messages and notifications pop up but when I go into it they disappear
My Apple Music just lost all what I had then next minute it had a whole selection of song I hate and have never downloaded
Please help
If there is a way to catch them out or sever the connection
And also have just noticed that my phone isn’t doing face recognition on downloading from iTunes or the App Store
I have a feeling I may no who it is
Byt
No proof

Reply

gravatar

Hacked bad

From Concerned on July 11, 2018 :: 7:27 am

So.. someone managed to get into all our devices. 2 phones a tablet and
2 computers. I had strange numbers call daily from all over the US. Some didnt say where they originated.  I never answered but the would leave VOICEMAIL And only say my name sounded like different ppl everytime. They changed administrative control on my comp and set up a guest account which went unnoticed for a long time. Erased my gmail inbox or denied me access. Blatently set up a very obvious soundbar which would move if we spoke recording from every Bluetooth device we had. Ads sites and ppp ups pertaining to conversations or relate to something relevant in our lives freauently.setting were constantly restored after my restrictions or just no longer availble to change. I could not factory reset my tablet at all. Had to shut down everything. Unplug devices modems amd routers and completely replace them. Get new phones and numbers. Things seemed fine but my boyfriend swears its happening again. Someone sent a picture to my boyfriend from my Facebook account which wasnt me.
I think i know who it is but dont know why. They are known to is and have made remarks in convos that they should not know. What do we do if its happening again. They are shady for sure and live on our street.

Reply

gravatar

tip https wmail9798@gmail.com

From ann on August 18, 2018 :: 3:33 am

More on phone

Reply

gravatar

Implantables are here and dangerous as You know what!

From deana on August 24, 2018 :: 10:31 am

You did not mention reversing electric signals using unacknowledged and stolen implantable technology used by criminals for harassment mind sabotage and information gathering through computer and reversed spy listening! Criminals figured out how to use the old “Spy cat 2-way war implants” now they are updated and anyone could have them and being stalked followed listened to and even being spied on and or robbed right under their nose but through their own body! Read Nano Implants want to know.com and this stuff is sold everywhere over the internet even in E-bay and all they have to do is hire a doctor to put them in! Dentally or surgically without your knowledge! and they think no-one can hear them because it is an internal real implantable 2-way spy implant1

Reply

gravatar

I was hacked by jealous boyfriend

From Candace on August 25, 2018 :: 1:52 pm

My phone was taken from me while I was pretending to be asleep. He did a free 5 day trial and could track my every move, see inbound and outbound texts as well as phone calls and all social media. He told me after the free five day trial was up he quit tracking me from that spy crap. How do I know for sure that I’m not being hacked,stalked, recorded and most importantly he can erase everything in my phone if he wanted to. Please help

Reply

gravatar

Help Required Please

From Rayhan on September 04, 2018 :: 3:59 am

Dear
i am using huawei P10lite, i just saw an email id
add in setting>accounts without my consent.
i dont how its add in.
my mobile is protected with bio metric security

please help me out

Reply

gravatar

FAke hacker

From Sayyed Shakir on September 18, 2018 :: 8:24 am

folks be careful of .(JavaScript must be enabled to view this email address) and .(JavaScript must be enabled to view this email address) same person. They will ask for money and then pretend to work on your case. After sometime will ask for additional money to go ahead. If you say no will disappear. He is completely fake

Reply

gravatar

how to know my mobile is hacked or not

From prity on September 21, 2018 :: 2:16 pm

pls tell me how to know is anyone else trapping my phone

Reply

gravatar

possibility of someone on phone other than me

From Jesse on September 22, 2018 :: 8:48 am

So a ccouple of days ago i got a text saying my photos are on WhatsApp
i had ignored but in typing a response to the person “who is this” i pressed preview and now my phone is acting up and it feels like someone is using it cause its opening apps up that i’ve never used, i have even reset my phone and still am having these weird actions pretty often

Reply

gravatar

I wanna knw did my phone was hacked

From Sofi on November 05, 2018 :: 9:45 am

When I try to open my fb acct ma password showed that it was wrong later some how I deactivated my account… Late I got a call from +8265number tell me did my phn was hacked by some one or not please

Reply

gravatar

Plz help

From Adrian on November 27, 2018 :: 7:35 am

Hello i am in need of help i have been hacked over and over everytime i create a new account through google i get hacked again, i have also changed phones 4 or 5 times and within a week they have me again i even went with another phone company and they hacked me within a weeks time thwy are also on my phone i can hear what sounds like a landline pickup and then hangup my calls have been redirected also plz if anyone can help me, they have also taken around 480.00 out of my account.

Reply

gravatar

Phones hacked and spyed on 24/7

From Billy on December 08, 2018 :: 12:13 pm

How can I figure out and put an end to finding out who is hacking into and spying on my phone and invading my privacy so that I can take legal actions against them to make sure get what got coming and prevent it from being a Continuous reoccurring situation

Reply

gravatar

phone hacked maybe

From manahil on December 14, 2018 :: 9:32 am

i dnt know my phone shuts in the middle of whatever I am using and it then restarts after a bit. it slows down while it doesnt has a specific problem.
i think its hacked. my phone is samsung galaxy note 4
please help

Reply

avatar

Sounds more like a phone issue

From Josh Kirschner on December 14, 2018 :: 10:30 am

That sounds more like a phone issue than hacking. Have you tried factory resetting the phone to see if that helps things?

Reply

gravatar

Hacked messages

From Simphiwe on December 16, 2018 :: 12:27 pm

How do i stop the hack on my phone, its J5 Grand Prime?

Reply

gravatar

My vivo x21

From Lewis on December 22, 2018 :: 2:15 am

My vivo x21 I was cheated to trade in with my mate10 then later I realised it was a demo or China set n now my phone was ridiculous…  Games cannot play after do.  Group chat in SMS after my so called friend use my phone when working. I lend my hot spot to a person name ah tan n he act as if dunno hp… But he asked to used my hot spot to dl play store then carousel then all becomes upside down… Pics coming to my album I dunno whose…  Pics of even my medicine in a physician…  Then I go interview I open GPS it juz shows rubbish direction…  N I am working n the apps also hang n I have no choice but to see the item address written 1 by 1 n was scolded for being slow for nothing…  Now my m1 dun even believed my data was overused…  It’s juz crazy…

Reply

gravatar

Hacked

From Adrian Gutierrez on December 26, 2018 :: 4:01 pm

I believe my girlfriend hacked my phone is using my emails to do fraudelent activities i need some help on how to handle this matter i called my local polica station and all they say is to factory reset the phone i need help guys i dont know what to do ?😞

Reply

Need help on how to

From Perry B White on December 29, 2018 :: 5:20 am

Need help on how to spy and track a cheating spouse?

Reply

gravatar

iPhone 7plus

From Michelle on January 05, 2019 :: 10:55 am

For the past year I’ve been having a lot of random numbers on my monthly statement that I know I have not called or texted. A lot are calls and texts that are sent to me and it all looks like I’ve been having conversations with ppl with these unknown numbers. One number is the location where prisons and jails go through for inmates to make calls. I know I haven’t talked to anyone in prison or jail. This is causing a lot of problems with my boyfriend. I’ve tried calling the phone carrier I go through but they keep telling me that there’s no way for this to happen so it looks like I’m guilty and I’m not. Someone plz help me get this figured out.

Reply

gravatar

Calendar

From Joan Muscat on January 07, 2019 :: 7:58 pm

Can someone enter their birthday on your calendar?
I tried to remove it and found it was like a public holiday - locked in.

Then it just disappeared.

Reply

avatar

You're probably syncing from another app

From Josh Kirschner on January 11, 2019 :: 12:23 pm

In your calendar settings, there is sometimes the option to sync holidays and birthdays from other services, like Google+. If you’re using Google Calendar, go to Settings and then click on Birthdays in the left panel to see what is syncing. You can also click the little eye next to Birthdays to hide birthdays from your calendar entirely.

Reply

gravatar

hacking

From sarah web on January 16, 2019 :: 9:34 pm

Believe me you’re in total control over your credit score, no matter how low or high it is
but the cost of poor credit is massive. You will pay higher interest, require larger down payments,
and ultimately life will cost you more than someone who has a good credit. The game of credit scores never ends,
you might have a high 700 credit score one week and come down to a low 600 the following week, that’s why
i keep my family hacker – Mark William close. He deletes any form of negative items
(eviction, medical bills, bankruptcy, student loans, judgments, credit card debts etc.) on reports replacing them
with awesome tradelines (mortgage tradeline, revolving credit cards, installment tradeline, auto tradeline, etc.)
that will help boost your score more effectively, efficiently and less costly. He adds or removes any info on credit profiles,
i guess he can hack the devil himself, LoL. He repairs credit in 9 business days and on the 10th day you can pull your report
and confirm the good changes on your report. Contact him today and you will be glad you did. Here is his contact; williamscyberghost @gmail.com

Reply

Read More Comments: 1 2 3 4 5

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose