Someone on social media messaged me asking how to tell if their phone was hacked. Rather than provide a private answer, I’m posting an answer here.
Diagnosing a hacked phone is a complex problem. Ambiguities abound.
Hacked phone symptoms
- General sluggishness. When you tap or click, the response feels slower than normal.
- Shortened battery life. If your phone normally goes all day, or several days without recharging, unexpected low power messages midday after normal recharging may be a red flag.
- Unexpected “ghost typing”, unseen fingers seem to have taken over your keyboard.
- Unexpected pop-ups.
- Out going calls you did not make.
- Ransomware messages, demands for money to regain control of your device. (Other than those from your cell provider!)
Symptoms don’t always mean a hacked phone
In my experience, people think they have been hacked much more often than hacks actually occur because dire warnings of phone hacks catch attention and folks are on edge.
With the exception of ransomware messages, these signs are all ambiguous and each could be more or less innocent. When they occur, think carefully what could be causing them. The first question to ask is: What changed? Did you install a new app? Did you start using an app you have installed but have not used often? Have you changed your habits?
For example, general sluggishness can come from many different sources. If you run short of storage, performance can be affected. Installing an app that squanders resources, or is just too much for your device, can do the same thing. Loading a big batch of photos or videos onto your phone can be also the culprit. Most phones have a storage cleanup utility that may help.
Shortened battery life may be a sign that someone has gotten control of your phone and is using it heavily without your knowledge. However, battery life decreases over time and it may just be old age creeping up on your battery. Or you may have installed an app that is a power hog. Or your habits may have changed.
Ghost typing could be an over-zealous smart keyboard anticipating your thoughts. Or, my own failing, clumsy fat fingers. And for mysterious out-going calls, don’t forget the infamous “pocket dial,” (which occurs much less often with newer phones.) I’ve been fooled into thinking I had a hacked phone when an automatic upgrade kicked in and took over my phone.
Some legitimate apps pop up messages unexpectedly.
Some steps to take
Restarting your phone whenever it acts strange is a good idea. I won’t get into why now, but it often helps. If all is well after a restart, you are probably okay. If your phone is still acting up, try uninstalling anything new. Restart again.
Whenever you suspect you are hacked, try installing and running an anti-malware tool like Malwarebytes or McAfee. Your cell service provider, like T-Mobile or Verizon, may have a free anti-malware tool for you. Phones are less often vulnerable to hacks than other computers because Google and Apple exercise greater control over what you can install on them. I run anti-malware on my phone, but the overhead is high and many of my colleagues prefer not to until they suspect a hacked phone.
If this does not help, the next step is to go to a professional for help. A factory reset is probably on your dance ticket. You can do that yourself, but you may lose stored data, such as photos, contact lists, and stored email and you will probably have to reinstall some apps. Help from a pro can minimize these hassles.
General hack symptoms
Sometimes you are hacked without any of the above symptoms. Skilled hackers work hard to cover their tracks and you may never know how you were hacked. It might have been through your phone, but it could have been through your laptop, even your work computer. Sometimes, you are hacked through a system that you use rather than a computer that you access. Here are some signs that you have been hacked in some way that could have come via a phone hack or somewhere else:
- Your friends and contacts suddenly get a spate of spam from your email address, indicating that your email has been hacked. The hack could come via your phone or another of your computers. Or it could have been an assault on your email service. (Most of the time, you getting a flood of spam is not a sign that you have been hacked. It’s when your friends complain that you have to worry.)
- Activity on accounts that you did not initiate. For instance, posts in your name to your Facebook account that you did not post. Worse, credit card or bank account activity that you did not initiate.
The first step is to change the passwords on the bad accounts and contact the account provider. This is especially important for bank and credit card accounts. If you inform your bank or credit card provider promptly, they are required by law to minimize the damage to you. Usually, the bogus transactions will be reversed with no ill effect on you. This is a good reason to review your financial accounts frequently and regularly.
In these cases, I assume that one of my devices have been compromised and look hard for signs of hacking. Then I take steps to clean the computers up, starting with restarts and malware scans. Possibly ending with a reinstall, although that is usually not necessary. In 25 years online, I’ve reinstalled due to hacking only once that I remember. But I’m very careful. If you need professional help, get it.
Final advice
In my experience, people think they have been hacked much more often than hacks actually occur because dire warnings of phone hacks catch attention and folks are on edge. You should on the lookout for hacking, but practicing sound computer security hygiene, the chances you will be victimized go way down, especially if you are not a public figure with a target on your back. Cybercrime is more prevalent than ever before, but the victims are most often deep-pocketed businesses and public figures. Check out my six rules for online security.