What To Do if Your Phone Has Been Hacked

Antivirus software is a useful prevention tool, as it detects malware that hackers use to access devices remotely, but even if you hadn’t downloaded antivirus software prior to a hacking attempt, you can use antivirus software to kick a hacker out of your device.

There’s one condition, though: the hacker should have used malware to perform the attack. Hackers use a variety of methods to hack into systems, some of which can not be detected by malware. For example, there are customer support scammers that will get you to install a legitimate mirroring app on your device to gain remote access. If that’s the case, then you’ll need more than just antivirus software.

As we said, though, if the hacker who took control of your phone used malware, antivirus software can remove the infection and free your phone. Here’s how:

How To Remove a Hacker From Your Phone

1. Use antivirus software. When antivirus software detects a piece of malware, it quarantines it to prevent it from affecting the rest of your phone. Once quarantined, you can safely remove the infection and stop it from spreading. For this to work, though, your antivirus software has to be on and running in the background all the time.
2. Contact businesses. Contact any financial services or e-commerce businesses that have your credit card or bank account information, which is very sensitive information indeed. Find out which transactions you need to dispute with your bank and, in some cases, report for fraud.
3. Delete apps. If you see any apps on your phone that you didn’t download, delete them.
   1. Factory-reset your phone. If, after doing all those things, you still believe someone else has taken control of your phone, your last resort is to factory-reset your device. Doing so removes all files and apps from your phone, but it ensures that whatever the hacker used to gain entry will also be removed.

iPhone:

1. 1. Go to Settings.
   2. Click “General.”
   3. Click “Reset.”
   4. Click “Erase All Content and Settings.”
   5. Enter your passcode or Apple ID password.

Samsung Android version 5.0 or above:

1. 1. Click “Apps.”
   2. Click “Settings.”
   3. Click “Backup and Reset.”
   4. Choose “Factory Data Reset.”
   5. Choose “Reset Device.”
   6. Click “Erase Everything.”2

5. Change your passwords. Finally, change the passwords of any breached accounts — a good practice whenever your login credentials are involved in a data breach.

How To Prevent Your Phone From Being Hacked

So, how do you prevent the nightmare from happening again? With just a few changes to your settings, you can greatly reduce the likelihood of your phone being hacked. Hallelujah!

1. Download antivirus software. Antivirus software works by scanning your phone for viruses and malware, and then removing any threats to your device. However, not everyone needs antivirus on their mobile device — only Android users. Learn how to get rid of a virus on Android and what the best Android antivirus options are. iPhones and iPads don’t need antivirus software, though they can be hacked in other ways. Antivirus can stop hackers in many cases. Read our antivirus guide to learn more.
2. Connect to VPNs on public Wi-Fi networks. Public Wi-Fi networks are as convenient as they are insecure. However, VPNs make connecting to public Wi-Fi networks safe. VPNs hide your browsing history and hide your IP address, changing your IP address to hide your location. VPN apps are available for both iPhones and Androids; we recommend the best iPhone VPNs and the best Android VPNs. In some cases, VPNs can stop DDoS attacks, so they’re a great solution for hopping on public Wi-Fi.
3. Don’t jailbreak. Jailbreaking your iPhone gives you total control over it, from where you download apps to how you arrange your interface. Although we like to control as much as anyone, jailbreaking an iPhone means missing out on Apple’s built-in security features, including malware scans. The same goes for Android users. Rooting an Android device is the equivalent of jailbreaking an iPhone, and unless you’re a security expert, we don’t suggest rooting your Android either.
4. Avoid phishing. Does something smell phishy? Maybe you got an email from an address you don’t recognize, or maybe you’re entering your login information on a site that doesn’t look quite right. Most antivirus software has protection against phishing, but if you’re unsure, your best bet is not to click on any unfamiliar links, emails, attachments, websites, or messages.
5. Use encryption. Whether or not you want to remain anonymous online, encryption is a great way to avoid hacking. Look for websites and apps that use end-to-end encryption, ideally the industry standard of 245-bit AES.
6. Only use trusted charging stations. One of the best things about living in the 21st century is public charging stations. God forbid we’re in public without a smartphone! However, these charging stations carry risks, like someone “juice jacking” your phone’s data through a USB drive. Hackers can easily access your phone’s data through the drive or even run malware. If possible, use an AC outlet instead of a USB charging port, as AC outlets only transmit power, not data. If only a USB is available, use a charge-only adapter or a data blocker. You’ll thank us later!
7. Set up phone locks and passcodes. Make sure that if you put your phone down for a certain amount of time, you need a passcode to open it back up. Here’s how to set up passcodes:

iPhone X or later:

1. 1. Click “Settings.”
   2. Click “Face ID & Passcode.”
   3. Click “Turn Passcode On.”
   4. Enter a six-digit passcode.
   5. Enter the passcode again to confirm and activate it.

Android:

1. 1. Click “Settings.”
   2. Click “Security.”
   3. Click “Screen Lock.”
   4. Choose “Standard Locks.”
   5. Choose “Password.”
   6. Enter more than four characters.

8. Add advanced authentication. Whenever it’s available, turn on biometric authentication, also known as multifactor authentication, or two-factor authentication (passcodes) to online accounts. Learn more in our authentication how-to guide.

9. Disable voice assistants on the lock screen. Having Siri or Google Assistant available before you unlock your phone is convenient, but it’s not the greatest thing for security. Follow these steps to disable these voice assistants:

iPhone:

1. 1. Go to your phone’s Settings.
   2. Click “Face ID & Passcode” or “Touch ID & Passcode.”
   3. Turn off Siri.

Android:

1. 1. Say, “Hey Google, open Assistant settings” to your phone.
   2. Go to Settings.
   3. Click “Personalization.”
   4. Click “Personal Results.”
   5. Turn on “Lock Screen Personal Results.”

10. Turn on “find my phone.” If you haven’t set up a passcode, a lost phone is a surefire way to get hacked. Fortunately, if you have a passcode and a “find my phone” feature, losing your phone doesn’t mean it’s getting hacked.

1. iPhone:

1. 1. Go into Settings.
   2. Click your name.
   3. Click “Find My iPhone.”
   4. Turn on “Find My iPhone.”

Android:

1. 1. Go to Settings.
   2. Click “Security.”
   3. Click “Find My Device.”
   4. Turn on “Find My Device.”

11. Turn off autofill. Another convenient feature in many browsers is autofill, which fills out personal information like your name, address, and phone number. However, if your phone gets into the wrong hands, this personally identifiable information (PII) could make you vulnerable to identity theft, so it’s best to disable it on your mobile browsers. Below, we’ve listed the instructions for Safari, the default browser on iPhones, and Chrome, the default browser on Androids.

iPhone:

1. 1. Click “Settings.”
   2. Click “Safari.”
   3. Turn off “AutoFill Passwords.”

Android:

1. 1. Open the Google app.
   2. Tap “More.”
   3. Tap “Settings.”
   4. Tap “General.”
   5. Turn off “Autocomplete With Trending Searches.”

12. Limit app permissions. Go into your phone’s settings, click on different apps, and see what permissions they have. Is your Google Maps app tracking your location at all times? Can your dating app see your text messages? For the most privacy, limit permissions as much as you can on various mobile apps.

13. Disable location tracking. Location tracking is a particularly scary concept that’s all too common in mobile apps these days. With location tracking on, a hacker could potentially follow you around, which means the digital threat could turn into physical danger. Follow these steps to disable it:

iPhone:

1. 1. Click “Settings.”
   2. Click “Privacy.”
   3. Click “Location Services.”
   4. Toggle off “Location Services.”

Android:

1. 1. Swipe down on your Android’s screen.
   2. Touch and hold “Location.”
   3. Click “Advanced.”
   4. Click “Google Location Accuracy.”
   5. Turn off “Improve Location Accuracy.”

14. Turn off Wi-Fi. We’ve already mentioned the dangers of public Wi-Fi networks, but if your Wi-Fi is enabled by default, your phone may be joining networks without you knowing it. Instead, only use Wi-Fi on an ad hoc basis. Follow these steps to turn it off:
iPhone:

1. 1. Click “Settings.”
   2. Click “Wi-Fi.”
   3. Toggle Wi-Fi off.

Android:

• • Swipe down on your Android’s screen.
  • Touch and hold “Wi-Fi.”
  • Turn off “Use Wi-Fi.”

15. Perform software updates. Software updates contain the latest security patches, so even though they may be annoying, perform them as soon as they’re available.
iPhone:

1. 1. Click “Settings.”
   2. Click “General.”
   3. Click “Software Update.”
   4. Click “Download and Install.”
   5. Click “Install.”
   6. Enter your passcode.

Android:

1. 1. Click “Settings.”
   2. Click “System.”
   3. Click “Advanced.”
   4. Click “System Update.”

16. Use secure passwords. The easiest way to protect your phone (and all of your other online accounts) is to use strong passwords. Each account should have a totally unique password. Learn more password security tips.

What Is Phone Hacking?