Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | Browse the Web Anonymously | Complete Guide to Facebook Privacy | How to Block Spam Calls

Use It

author photo

How to Figure Out Who Hacked Your Phone

by on March 27, 2019
in Privacy, Phones and Mobile, Cell Phones, Mobile Apps, Android Apps, iPhone/iPad Apps, Tips & How-Tos :: 18 comments

Techlicious editors independently review products. To help support our mission, we may earn affiliate commissions from links contained on this page.

For most of us, our phones are the center of our daily lives, and as a result, they contain a treasure trove of personal information, from banking details to messaging and email accounts. This sensitive data can be pretty enticing to a range of the nefarious, from cybercriminals to someone you may even know.

Phone hacking can involve the unknowing download of spyware that relays information on your activity – such as logging keystrokes to scrape passwords; spy apps downloaded by someone with access to your device; or other malware that exploits your phone, for example by using its internet bandwidth in a botnet, as occurred with malware that affected nearly two million Android devices.

“The most common way that smartphones can be hacked is to infect the device with malware,” says Victor Chebyshev, a security researcher at Kaspersky Lab. This malware can arrive on the device buried inside apps downloaded by the user – and the likelihood of a malicious app rises when downloading away from the official app stores, which police their content. 

While iPhones aren’t immune to hacking, Apple’s strict vetting policy means the incidence of bad apps targeting iPhones (at least non-jailbroken ones) is lower than for Android phones. “Android devices are more susceptible to these kinds of attacks because they have the option to install applications from third parties,” says Chebyshev.

7 steps to figuring who hacked your phone

A sluggish phone or fast-draining battery are common symptoms of a compromised phone – but they can also indicate your device needs a spring clean to spruce up performance or improve its battery life. Another red flag is if your data usage has gone through the roof – this could indicate a dodgy app is sending data back to its mothership.

“Whether a user can determine who is responsible for a compromised phone depends on what kind of threat was on the device,” says Chebyshev. To narrow down the field of suspects, you can try to determine exactly how your phone is being compromised.

1. Check your phone bill

Are you being charged for premium-rate texts you never sent – or texts you never signed up for? You’ve probably been infected by malware that forces your phone to send or receive texts that generate revenue for cybercriminals. This common form of mobile malware is believed to be the first type found targeting Android, back in 2010, and today plenty of it is still floating around.

If you’re receiving premium-rate text messages, try texting STOP to the number. If this doesn’t work, you’ll have to contact your cell carrier who should be able to block the number.

If your phone is sending the texts, you may be able to fix it by running a security app such as Lookout which will remove malware (Android only). Try deleting any third-party messaging apps and any other apps you installed before the phone started sending the texts.

2. Go through your apps list

If there are any apps you don’t remember downloading, look them up online to see if any of them have been reviewed negatively for malware or other suspicious activity. In this case, the apps will have been compromised by a hacker who likely isn’t targeting you personally but is distributing malware with the aim of scraping as much data as possible. The BankBot malware, for instance, was a trojan that infected hundreds of Android apps to display a phishing screen to steal users’ banking credentials.

“If it was a regular trojan [malware coded within another app] the user will not be able to attribute who was responsible for the attack,” says Chebyshev. “If it was commercial spyware, it’s sometimes possible to figure out the responsible person.”

3. Look up your flashlight and battery-saver apps

Got a phone full of apps and can’t remember for sure which you downloaded? Some categories of apps have attracted more than their fair share of malicious actors – several flashlight apps on Google Play were infected with malware that tried to scrape users’ financial info, while one should be wary of battery-saver apps as they have often been used for malware, says Josh Galindo, director of training at phone repair service uBreakiFix

If you have these types of apps, check online for any negative reviews. You can also try deleting them to see if this affects your phone performance. “If you install an app and the device performance decreases, that’s an indicator,” says Galindo. “If you uninstall the app and your device begins working properly again, this means that the app is likely contaminated with malware and you should avoid downloading it in the future.”

4. Run a security scan

Android:  Commercial spyware is unfortunately all too easy to find online. Such spy apps have system-level access to extremely detailed information about your device activity such as the messages you write, photos you take and GPS location.

They also need to be downloaded physically to your device – which means if they’re on your device it was done by someone with access to your device (and your PIN). Chances are, you can figure who in your life would want to monitor your phone. 

To find out if you have such apps on your Android phone, download a security app such as McAfee, which will flag any malicious programs. (Spy apps on a non-jailbroken iPhone are far less prevalent since such software – which tampers with system-level functions - doesn’t make it onto the App Store.)

iPhone: Didn’t jailbreak your iPhone? Doublecheck that nobody else has either, by downloading a security app such as Sophos which will alert you if your iPhone has been jailbroken, and flag any malicious activity. However, whether security software can find spy apps will depend on how sophisticated or new the spy app is since security software scans for malware that’s already known. (That’s why it’s crucial to download updates to security software as soon as available since updates will incorporate new instances of discovered malware.)

5. Scroll through your call list

Done all of the above and still convinced that someone somewhere has your personal data, siphoned from your smartphone? Apps aren’t the only way a phone can be infected by malware. Have you picked up any random calls lately? “Callers offering a free cruise or claiming that you won a sweepstakes are likely scam efforts to hack your information or record your voice,” says Galindo.

6. Did you click that link?

If you recently clicked on a link on a text message or an unexpected pop-up, you may have inadvertently fallen prey to phishing. One scam last year involved a fake virus alert that contained a Remove Virus button that took users to a link to download “security software” or call “tech support” – with the intent of getting victims to reveal personal information to the other end. 

It’s often impossible to divine who is behind such scams, although you can report any phishing texts to your cell carrier and block these numbers.

7. Consider the last time you used public Wi-Fi

According to Kaspersky Lab, one in four hotspots are unsecured, and even the ones that are password-protected could potentially be set up by someone with malicious intent.

If your phone isn’t protected by a VPN and you logged into an unsecured public Wi-Fi hotspot, it’s possible someone could have been spying on the connection – and scraped your sensitive information if you logged into your email or bought something online.

3 steps to take if your phone has been hacked

1. Delete any apps or messages that may be malicious

If this fixes any performance issues, great. Even if not, it’s a good idea to clear your device of apps that may have been flagged by that security scan you did.

2. Do a factory reset

If after deleting the suspicious app(s) your phone is still behaving strangely, this nuclear option is a quick way of clearing your device of malicious – or sluggish - software left behind.

Android: Settings > System > (Advanced) > Reset options > Erase all data

iPhone: Settings > General > Reset > Erase All Content and Settings

3. Check if your information is out there

Unfortunately, many hacks and malware present few to no symptoms and often the only time people are aware of a breach is when their digital services are hacked, or, worse, they’re the victims of identity fraud, where hackers have used their stolen information to open accounts or lines of credit. 

There are a few tools you can use to check if any of your information has already been compromised. Have I Been Pwned? is a website run by security developer and Microsoft Regional Director Troy Hunt that checks if email addresses have been exposed in breaches of popular apps and services.  

We also like the Dashlane password manager, whose Premium version (from $3.33/month) scans the Dark Web for instances of your emails or logins being posted for sale.              

If you find that your logins – particularly passwords – are floating around online, the first thing to do is to change your passwords. The best way to do that is to use a password manager which can automatically generate and save complex, unique passwords for each of your accounts. Check out our top-rated picks here.

Depending on the scale of the information that has been exposed, you may want to set up a fraud alert at the major credit agencies, which will require any potential creditors to request additional verification of your identity. 

[Image credit: phone hacker concept via BigStockPhoto]



Discussion loading

gravatar

Scammer numbers that could possibly hack phone

From John on May 23, 2019 :: 8:44 pm

Figured I would put a list of scammers that called me and a couple of my friends. That way robots could pick them up and call them. Dont answer they might hack your phone.
843-485-xxxx

Reply

avatar

Editing out numbers in your list

From Josh Kirschner on May 24, 2019 :: 9:07 am

Most robocalls are now coming from spoofed numbers. So putting a list up here is most likely only putting up completely innocent people, not the spammers.

Reply

Someone hacked my phone who

From Derrick Peeples on May 28, 2019 :: 6:20 pm

Someone hacked my phone who was it and why

Reply

gravatar

Who is hacking me

From Imfuxed on June 30, 2019 :: 9:29 am

You are most likely being gangstalked-I think they also use legion as there parent company —soon there will be a way to not having this pribkem

Reply

gravatar

Someone hacked my location history

From Jayaprakash on June 27, 2019 :: 11:16 pm

Someone hacked my location history

Reply

gravatar

hpw do i find putvwhpvid listenongvto my phpne calls reading myvtexts sharing an account of my email

From Rhonda Hall on June 28, 2019 :: 1:10 am

who is spying on my phpne and why! how do i catch the persons involved and put a stop to it and bring them tp justice

Reply

gravatar

Forest River Inc. / The company of mass corruption/ Built and Founded on Drugs

From Dave on July 02, 2019 :: 1:02 am

I know the exact group who tapped my cell phone and hacked my home computer. Law enforcement refuses to take action. The dope man has the law in this area under his thumb.
This is the 3rd time I have dealt with this in the last 11 years. Forest River Inc. (Goshen, IN)......
As long as you are willing to distribute and sell drugs that come from the top. You will be just fine at Forest River. You refuse to possess and deal their drugs of mass corruption….. Expect the worst. You will be TARGETED for harrassment, intimidation, bullying and threats. Threats to your life and the safety of your family. Forest River Inc. is built and founded on mass corruption. Every law will be twisted to benefit Forest River’s upper management. Indiana’s free-will employment will be used against you. Management will blatantly ignore all threats made by any ‘member’ of their organized drug ring. Harrassment and death threats are promoted by Forest River’s upper management and HR is trained to lie and sweep under rug laws that are set by Indiana State Law.
Forest River’s upper management makes their own laws and operates under absolute police protection. Upper management has also strategically placed life time retainers on the dirtiest attorneys to make I a living hell if your figure out the dope man’s real business isn’t RV trailers.
Forest River Inc. is a fake front for the real business at hand. Police protection via gifts and kick backs. Protection via financial contributions to State Law enforcement.
Gift contributions for elected officials.
Dope man has his thumb on the State’s officials. That equils…...create his own laws of mass corruption…...Billionare on corruption!!!! Goshen PD corrupt to the core!!!!

Reply

gravatar

Sound like

From 3rd on July 02, 2019 :: 5:24 pm

??? I have serious problems with my phone u post that? Is that a threat? Can’t have everybody in your pocket and can’t payoff the whole world. Everybody gets caught eventuality. PROMISE.

Reply

gravatar

Help

From Girlie on July 02, 2019 :: 5:03 pm

Someone’s hacking my life. There in my phone,facebook, gmail, my pictures, my predictive texts even my tv; Chromecast mabey.They even drive by my house and say things that are out of context with what’s going on at the moment, but seen to relate to me. I’m left scratching my head sometimes sometimes. I ask my husband if he’s doing this? He swears no, but don’t someone need my phone to install spyware?

Reply

gravatar

Help Again . John How

From Girlie on July 02, 2019 :: 5:13 pm

Any advice.

Reply

gravatar

Help Again

From Girlie on July 02, 2019 :: 5:20 pm

John How outta Carrollton Ga, won’t help me he’s my attorney I have him on retention. Is he working for the group that’s hacking my life? Someone paying him to ignore me?

Reply

gravatar

Help

From 3rd on July 02, 2019 :: 5:21 pm

Please any advice to stop the ASSHOLES who are hacking my life.

Reply

gravatar

Funny that a threat. Everybody

From 3rd on July 02, 2019 :: 5:27 pm

Funny that a threat. Everybody gets caught eventuality. Can’t payoff the whole world. Like maybe the Secret Service. That’s me being desperate.

Reply

gravatar

Mitochondrial eve

From Hotbarbie on July 22, 2019 :: 11:48 am

Hi
I hope you can help

Reply

gravatar

Some stoked my info

From Michael soverns on July 30, 2019 :: 10:06 pm

Somebody stoked my phone and changed my info I can’t reset it cuz they changed my device password and stoked my Sims card what do I need to do

Reply

avatar

Here's how to reset your phone

From Josh Kirschner on July 30, 2019 :: 10:37 pm

We have an article on how to reset your Android phone if you can’t remember your password. It will give you the steps for all the major Android brands and models.

Reply

gravatar

Someone told me that they were hacking my phone

From Dana McKenzie on August 09, 2019 :: 11:55 pm

Someone told me that they hacked my phone wirelessly and i would like to know what I could do to setup them from getting into it again.

Reply

avatar

How do you know they hacked your phone?

From Josh Kirschner on August 13, 2019 :: 5:12 pm

Just because someone told you they hacked your phone doesn’t mean they did. Do you have any real evidence your phone was hacked?

Until you know if your phone was hacked and how it was done, it’s hard to provide any specific advice. But we have a whole article on how to prevent your phone from being hacked if you want general tips.

Reply

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships
Newsletter Archive
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.

site design: Juxtaprose