Two hands entangled by red threads with a phone placed between them; the phone’s screen is red and has an eye in the center.

You wake up and decide to scroll a little (as we all do). After a while, your phone gets really hot. You check your Camera Roll and notice a couple of photos you didn’t remember taking yesterday. If this has happened to you, read on because these are just two signs of phone hacking. 

How to know if your phone is hacked, and how can you protect yourself from being hacked in the future? This article answers these questions.

The symptoms of a hacked phone: drained battery, slow performance, overheating, increased bill, unknown apps, and messages you didn’t send.

Table of contents

    How to tell if your phone has been hacked

    Android devicaes may appear to be more susceptible to hacks, but iPhones aren’t entirely safe either. So stay on the lookout for the signs below:

    The phone slows down, heats up, or drains the battery
    Malicious software might be running in the background. To check for issues, examine running apps, memory, and space.
    Your contacts receive messages you never sent
    Malware exploits your messaging apps to spread itself to your contacts. If your friends report receiving suspicious messages from you, investigate immediately.
    Increased mobile data usage or phone bill
    Check for unusual app usage and calls you don’t remember making. Also, listen for unusual background noises during calls to detect spying or call tapping.
    Unknown apps start popping up
    Suspicious apps you didn’t download appearing on your phone can be signs of hacking.
    Your phone acts weird
    Your phone reboots unprompted, doesn’t shut down or settings change? A malicious app may be the root cause and may be stealing your personal data.
    Unknown purchases in your credit history
    Unfamiliar purchases in your credit card history may indicate a hacked phone.
    Receiving unrequested 2FA codes
    If you get a two-factor authentication code you didn't request, someone may have your password and is trying to access your account. Don't enter the code, and change your password right away.
    Camera or microphone indicator turns on without a reason
    Stalking and monitoring apps will use your microphone or camera in the background. If your indicator lights or icons randomly turn on, this could be a sign of a hacked phone.‍

    Individually, these symptoms don’t necessarily indicate that a hack took place. But if your phone shows several of them, it is likely your phone has a virus or has become the target of a hack. We’re going to explain the whys and hows now.

    Your device is slowing down or heating up or draining the battery for no reason

    There are several reasons why your phone could slow down, heat up, or start gobbling up energy.

    That said, if you haven’t carried out any OS (Operating System) updates recently and you’re not running any resource-intensive apps, you should start worrying. This may be a sign that there’s malware running in the background.

    For example, hackers may be using your phone to launch DDoS attacks or mine cryptocurrency, which are resource-intensive processes.

    That’s why you should check which apps are running, how much memory they’re using, and how much free space exists on your device. If you can’t find the reason, you may have had your phone hacked. 

    Your contacts receive messages you never sent 

    If your phone is hacked, the malware that the hackers left on your phone may use your email, instant messaging services, and text messages to spread themselves to your contacts. They usually send messages in your name and attach a link or a file that would infect other devices.

    If someone complains to you about something suspicious you sent, start looking into it — it may be that your phone has been hacked! 

    Your data usage increases without you doing anything, or there’s a spike in your phone bill

    Unexpected increase in data use could mean that your phone was hacked to transmit data; for instance, it may be using your phone’s resources to mine cryptocurrency or steal your photos. It may also mean that a hacker is spying on you. Check your app data usage and see which app could be the prime suspect. If there are any anomalies, you can tell that your phone has been hacked.

    You may also notice that your phone bill has increased — yet you don’t remember making that many calls. It would be a sign to check your records for numbers that you didn’t call. If you find any, your phone might’ve been hacked, and criminals may be using it as a proxy. 

    Also, be aware of strange background noises and interference during phone calls. It may be a sign of weak reception. However, it may also show that your call is being tapped and someone is listening to your calls.

    You notice a new app you didn’t install and/or the antivirus software is missing

    Finding suspicious apps means that somebody has installed spyware on your phone. Your antivirus software disappearing may be the effect of a virus protecting itself — malware sometimes uninstalls antivirus software. If you didn’t do it yourself, it’s one of the ways you can tell that your phone is hacked.

    Your phone acts weird

    Does your phone reboot without a reason, doesn’t shut down, or change its settings? Do apps open on their own, or do you get lots of pop-ups? Minor software errors may be the cause, but it may also be a sign that your phone is hacked.

    If you notice that, for example, your Bluetooth is turning on despite you not using it, it may be a sign of a malicious app using it to infect other devices or to gain access to your personal data.

    Unknown purchases on your credit history

    If you start seeing purchases you don’t remember popping up in your credit card history, it means there’s trickery afoot. Now, it can be some other form of credit card fraud, but a hacked phone is also one way a thief can get around fraud protection. It’s also worth checking your phone if your bank informs you that they blocked a suspicious transaction.

    Receiving unrequested 2FA codes

    Getting too many 2FA requests may indicate more issues than just a hacked phone — one of your online accounts may have been compromised, and your device may have a hacker’s monitoring app.

    When a hacker tries to access your account, you receive a 2FA request. The hacker may monitor your device with an app that records your keystrokes. Receiving unprompted 2FA requests may mean your phone is compromised, but it definitely means one of your online accounts is hacked.

    Tip: use a password manager to increase your mobile security and minimize the risk of exposing your password.  

    Camera or microphone indicator turns on without a reason

    Indicator icons are hardwired to turn on whenever the camera or microphone is being used. So if you haven’t used them and the indicator icon is on, someone else is using them to stalk you — a sign that your phone is hacked.

    Another related giveaway of a hacked phone — you find random recordings and photos in your gallery you don’t remember taking. If you keep finding these photos in your cloud backup folders, someone is definitely spying on you.

    Minimize the threat of malware
    with a VPN

    How to know if your phone camera is hacked

    Few things are as invasive to your privacy as having your phone’s camera hacked. Here’s how you can tell whether it happened: 

    • Perform the camera test: open the camera and zoom the image in and out. Notice the speed of the zoom. If it’s slower than usual, it may be because the camera was hacked.
    • Monitor the battery level: battery dying too fast for no reason may be a sign of some hack or another. The hacker is the one at fault for the additional consumption. 
    • Inspect the camera folder: photos and videos that you didn’t take appearing there may be a sign that spying malware is at work.
    • Look at the camera permissions: you probably know which apps on your smartphone may need camera access to function. Any suspicious app on the list should be checked to see if it’s not malware.

    As always, having just one symptom doesn’t necessarily mean that your webcam is hacked. Nevertheless, it doesn’t hurt to check. 

    How to know if my SIM card is hacked

    Here are some ways to tell if your SIM got hacked:

    • You received a request to restart your phone: SIM hacking techniques eventually need you to restart your phone. So be suspicious of any outside requests to do so.
    • You’re no longer receiving calls or texts: a network will not register two identical SIM cards, so if yours is hacked, you won’t get calls or texts anymore. Just ask a friend to text or call you. If they come through, your card hasn’t been hacked.
    • Unknown numbers on your bill: you can check your phone bill to see if there are any outgoing calls to numbers you don’t know. Their existence may point to your SIM card having been hacked.
    • Losing access to your accounts: quite a few two-factor authentication services need you to verify that it’s you by entering a code you receive via text. So if you can’t access these accounts and texts aren’t coming through, your SIM card has been hacked.
    • Location tracker shows different locations: a rookie hacker may not disable Find My iPhone for iOS, or Google’s Find My Device for Android. In these cases, these services will show your phone to be somewhere else entirely than where you are. 

    What to do if your phone is hacked

    Once infected, the plan of action should go as follows: reset the phone to factory default → scan for potential viruses → inform your contacts. In the worst case scenario — reinstall your OS.

    Factory reset on iPhone

    Factory reset is the deletion of data on your mobile device and returning the settings to the factory baseline. Resetting your phone is like giving it a fresh start without completely wiping everything. Here’s how to do it on iPhone:

    1. Open Settings.
    2. Select General.
    3. Scroll down to Transfer or Reset iPhone.
    4. Tap Erase All Content and Settings.

    For a more detailed guide, read Apple’s support page on restoring your Apple device to factory settings.

    Factory reset on Android

    Factory resetting for Android users will differ depending on the manufacturer, but the general steps to resetting it are:

    1. Open Settings.
    2. Tap General & Backup and reset or Backup and reset
    3. Choose Factory data reset.
    4. Select Reset device.
    5. Tap Delete all or Erase Everything.

    Since there are many Android manufacturers, remember to check their websites for more direct guides.

    Reinstall your OS

    Experienced threat actors can plant malware even deeper — next to the data that’s vital to your phone’s operation. Reinstalling the operating software may help remove such apps, but it’s more drastic than a factory reset.

    Reinstalling involves wiping everything from your phone — settings, apps, the operating software, and even the firmware. It’s like the “nuclear” version of formatting your device back to factory settings.

    Tip: Before you reset or reinstall the operating software, make sure to back up your contacts and important media, otherwise they might get lost.

    Scan your phone with anti-malware software

    Some malware avoids the “Factory Reset Detection.” Meaning they may be there once you reinstall your OS. Simply put, if malware has access to major executive controls, then no number of resets or OS reinstalls will help.

    To combat this issue, scan your phone with an antivirus app and make a habit out of it. An antivirus will scan your device, recognize malware and delete it. 

    Note: Surfshark offers Antivirus on Windows, Android, and MacOS.

    Stay safe & scan often
    And keep your phone secure

    Inform your contacts

    A man-made virus works very much like a pathogen — it needs to spread to other hosts. In this case, a malicious app is transferred through a message or a phishing link sent from your device. So that nobody would open a fatal email or link, you have to do your part and inform your contacts.

    How to find out who hacked your phone

    A smartphone with a hooded figure and a message “Hacked by” on its screen.

    Finding out who hacked your phone depends on the hack. If it was a link in an email or if you were hacked using vulnerabilities of jailbroken iPhones and unofficial Androids, then it is impossible to tell who did it.

    If you found a spy app installed on your phone from either the Google Play Store or Apple Store, it had to be someone with physical access to your phone. But it’s hard to tell if the culprit did it without logging in to any of their accounts.

    How can I protect my phone from hackers?

    So now you know the signs of being hacked, but how do you prevent this from happening in the first place? Here are some safety tips:

    1. Avoid public Wi-Fi networks or unfamiliar Bluetooth sources.
    2. Stick to apps from official stores.
    3. Don’t click on suspicious links or download questionable attachments.
    4. Install antivirus software and update it often.
    5. Only charge your phone via a secure charger.
    6. Use a PIN and never leave your phone unattended.
    7. Use an email masking service.
    8. Use a VPN (Virtual Private Network).

    And, now, in a little more detail.

    Avoid public Wi-Fi or broadcasting yourself

    A free public Wi-Fi hotspot may be a trap. Hackers set up fake hotspots to steal data all the time. So, be careful and make sure that you’re connecting to the actual Wi-Fi spot.

    But even a genuine one could be compromised (for example, by a less than moral employee with access to the router). To prevent accidentally exposing your personal information in public, turn off your Wi-Fi auto-connect feature, Bluetooth, and personal hotspot functions when not in use

    Only install apps via the official app store and back up your data 

    Official app stores are less likely to include malicious apps or apps that are infected with malware. Some privacy risks may still exist, but those can be avoided by being selective.

    Either way, backing up your data is generally a good idea. In case you download an infected app — it’s easier to do a factory reset if you have backed up your data and contacts.

    Don’t click on suspicious links in emails or social media, and never download suspicious file attachments

    If a file or a link looks suspicious, then it probably is. Remember that some malware spreads automatically, so strange links from your friends and relatives may be a virus trying to get in. Knowing that, don’t open those files or links, and inform the person it came from.

    Install antivirus software and update it often

    Regular antivirus apps can defeat common threats. But they have to be regularly updated, just like any other app, because those updates often include fixes to recently uncovered security issues. 

    Only charge your phone via a secure charger 

    USB chargers use wires and ports that can be used for data transmission. Hackers are fully aware of that, planting malware onto these chargers and “accidentally” leaving them lying around, hoping you plug them in and infect your device. 

    So only use your own charger, and be careful with chargers in rental cars. If you must use a charger you can’t trust, choose the “Only Charging” option on your phone.

    Use a PIN and never leave the phone unattended

    A pattern lock is mostly a nuisance, and a PIN or a fingerprint scanner is a much better way to secure your phone if you let it go out of your sight. Even better, don’t let it get out of your sight, and don’t leave it unattended.

    Use an email masking service

    An email masking service, like Alternative ID, can help enhance your phone’s security, but it does so indirectly — it prevents overexposing your personal details, which also affects your phone.

    When signing up on a not-so-trusty-looking website, Alternative ID will create a fake online personality and email. It will help avoid being involved in data breaches.

    Use a VPN

    A VPN is a security software that encrypts your internet traffic. So, if a hacker were to steal your data by using, say, a fake Wi-Fi hotspot, they wouldn’t get anything useful. It also keeps your IP (Internet Protocol) address — your device’s address online — safe by changing it with the IP address of the VPN server.

    In conclusion: don’t sleep on your phone’s security

    At this point, you should know how to tell if your phone has been hacked. But, as we stated before, it’s best not to allow hackers or mobile malware on your phone in the first place.

    One of the most reliable ways to do that is to secure your connection with a VPN for your phone. As a bonus, you can get the Surfshark One subscription that comes with Surfshark Antivirus — and antivirus is one of the best apps to prevent your phone from being hacked.

    Improve your phone’s security
    with a VPN
    without a headache


    What happens if your phone is hacked?

    If you are suspicious of your phone being hacked, look for “irregular behavior” like strange activity on your online accounts, unfamiliar calls, messages, texts, and, most importantly, your phone working really slowly and losing battery quickly.

    Can your phone get hacked?

    Yes, like any other piece of software, your phone can get hacked too. It can happen via a phishing attack, malicious apps, or an “infected” USB cable, just to name a few examples. So, it’s important to keep yourself informed on how that happens and how to prevent it.

    Can you “unhack” your phone?

    Yes, you may “unhack” your phone by deleting any recently downloaded files or apps. There is a huge chance that the hacker has downloaded malicious apps that are running in the background, so be sure to have an antivirus scan the phone. If insufficient — manually look into the system and look for files that don’t belong.

    Who do I contact if my phone is hacked?

    If your phone is hacked, you should contact a phone repair shop or the place you bought the phone at, as well as your service provider. Afterward, you should also inform your contacts as they may be receiving messages meant to infect their devices.

    How can I stop my phone from being accessed remotely?

    To prevent your phone from being accessed remotely, you should update your software, use 2FA, check your phone for suspicious apps, and uninstall them. You should also avoid jailbreaking (for iOS) and rooting (for Android) because they can expose your phone to security risks.