SecurityJuly 2, 20268 min read

What to Do If Your Phone Is Hacked

SC

By Sarah Chen

Head of Privacy Research

What to Do If Your Phone Is Hacked

Don't want to do this by hand? We remove your info from 100+ broker sites automatically.

Your smartphone contains your entire digital life — banking apps, email, photos, passwords, two-factor authentication codes, and personal messages. When a phone is hacked, the consequences can range from unauthorized purchases and stolen passwords to full identity theft. Device hacking increased 78 percent year-over-year in 2025, according to the Identity Theft Resource Center, making it the primary identity theft vector for working-age adults. Here is exactly what to do if you suspect your phone has been compromised.

Signs Your Phone Has Been Hacked

Look for these warning signs that indicate unauthorized access:

  • Unusual battery drain: Malware and spyware running in the background consume significant battery power. If your phone's battery life has suddenly dropped without explanation, it could indicate hidden processes
  • Unexplained data usage: Check your mobile data usage. Spyware sends your information to remote servers, which can cause noticeable spikes in data consumption
  • Phone running hot: If your device feels warm when you are not actively using it, background processes from malware may be the cause
  • Strange apps: Look through your installed apps for anything you do not recognize. Hackers sometimes disguise malware as generic system apps
  • Camera or microphone indicators: If the camera or microphone indicator light turns on when you are not using them, someone may be accessing them remotely
  • Unexplained outgoing calls or texts: Check your call and text history for messages or calls you did not make
  • Account lockouts: Being signed out of accounts or receiving password reset emails you did not request suggests someone else is accessing your accounts
  • Settings changes: If your phone settings change without your action — such as two-factor authentication being disabled or unknown email addresses being added as recovery options — take immediate action
  • Pop-ups and redirects: Excessive pop-up ads or browser redirects to unfamiliar websites often indicate adware or malware infection

Immediate Steps to Take

If you suspect your phone is hacked, act quickly and methodically:

Step 1: Disconnect From the Internet

Turn on airplane mode immediately. This cuts off the hacker's ability to remotely access your device, send your data to external servers, or receive new commands. Keep airplane mode on while you work through the following steps.

Step 2: Change Your Most Critical Passwords From a Different Device

Using a trusted computer or tablet — not your compromised phone — change the passwords for these accounts first:

  1. Primary email: This is the master key to all your other accounts
  2. Banking and financial apps: Banks, credit cards, Venmo, PayPal, CashApp
  3. Apple ID or Google account: These control your entire phone ecosystem

Step 3: Remove Suspicious Apps

Briefly turn off airplane mode to run a malware scan with a reputable mobile security app. Then go through your app list and uninstall anything you do not recognize or did not install. Pay special attention to apps with generic names and minimal user interfaces — these are common disguises for spyware.

Step 4: Update Your Operating System

Install the latest iOS or Android update. Security updates patch the vulnerabilities that hackers exploit to gain access. An outdated operating system is one of the most common reasons phones get hacked in the first place.

Step 5: Check Active Sessions

On a trusted device, check the active sessions for your major accounts:

  • Google: Go to myaccount.google.com/device-activity and sign out of unrecognized devices
  • Apple: Visit appleid.apple.com and review devices signed into your Apple ID
  • Email: Check your email's security settings for active sessions from unfamiliar locations
  • Social media: Review active sessions in the security settings of each platform

When to Factory Reset

If you cannot identify or remove the threat, a factory reset is the most reliable solution. Before resetting, back up your photos, contacts, and essential files to a secure location. After the reset, do not restore from a backup — reinstall apps manually and set up accounts fresh to avoid reintroducing the malware.

Skip the manual opt-outs

One opt-out won't stop them — brokers relist your data. PrivacyOn removes your info from 100+ sites and keeps it removed.

Start your free scan

Protect Your Financial Accounts

A hacked phone often leads to financial fraud. Take these additional steps:

  1. Contact your bank: Alert your bank and credit card companies about the compromise. They can flag your accounts for suspicious activity and issue new card numbers
  2. Freeze your credit: Place a credit freeze at Equifax, Experian, and TransUnion to prevent the hacker from opening new accounts in your name
  3. Review recent transactions: Check all bank and credit card statements for unauthorized charges. Dispute any fraudulent transactions immediately
  4. Monitor for identity theft: Watch your credit reports closely for the next several months for any unauthorized accounts or inquiries

How Phones Get Hacked

Understanding how phones get compromised helps you prevent it from happening again:

  • Phishing links: Clicking malicious links in texts, emails, or social media messages
  • Malicious apps: Installing apps from unofficial sources or apps that contain hidden malware
  • Public Wi-Fi attacks: Connecting to compromised Wi-Fi networks that intercept your traffic
  • SIM swapping: Hackers convince your carrier to transfer your phone number to their device
  • Physical access: Someone with temporary access to your unlocked phone can install spyware in minutes
  • Unpatched vulnerabilities: Running outdated software with known security flaws
  • Juice jacking: Plugging into compromised public USB charging stations

Prevent Future Compromises

  • Keep your operating system and apps updated at all times
  • Only install apps from the Apple App Store or Google Play Store
  • Use unique passwords for every account with a password manager
  • Enable two-factor authentication using an authenticator app, not SMS
  • Avoid clicking links in unexpected messages, even from known contacts
  • Use a VPN on public Wi-Fi networks
  • Set a strong passcode and enable biometric authentication
  • Regularly review app permissions and revoke unnecessary access

A Hacked Phone Exposes More Than Your Device

When your phone is hacked, the attacker gains access to everything on it — including personal information that can be used for identity theft. Even after you secure your device, your name, address, phone number, and other personal details remain available on data broker sites, making you vulnerable to follow-up attacks. PrivacyOn removes your personal data from over 100 data brokers, provides dark web monitoring for exposed credentials, and offers 24/7 alerts. Plans start at $8.33 per month.

SC
Sarah Chen

Head of Privacy Research

CIPP/US CertifiedIAPP MemberB.S. Computer Science

CIPP/US-certified privacy researcher with over a decade of experience helping consumers remove their personal information from data brokers.

Ready to Protect Your Privacy?

Let PrivacyOn automatically remove your personal information from data broker sites and keep it removed.