Skip to main content
For You
For Parents
For Business

Were you a victim of the latest breach? Save up to 60% and get protection now!

Help Keep Your Kids Safe With New

Online Safety and Balance Tools

Get Help
Is your child ready for a cell phone? Take this quiz to find out.
Start Quiz
Illustration of a tilted question mark

Award-winning identity theft protection with AI-powered digital security tools, 24/7 White Glove support, and more. See pricing.

What do hackers
know about you?
Run a scan and find out now.
By entering your email and clicking "Scan", you agree to our Terms and acknowledge our Privacy Policy.
Categories
 / 
Internet Security

How To Know If Your Phone Is Hacked (12 Warning Signs)

By Ryan Toohil

Ryan Toohil

CTO at Aura

Ryan Toohil has a BS in Computer Engineering from Virginia Tech and holds multiple patents in the web services domain. As the CTO at Aura, he leads the platform, information security, and corporate IT teams.

Read full bio
|

Reviewed by Jory MacKay

Jory MacKay

Aura Cybersecurity Editor

Jory MacKay is a writer and award-winning editor with over a decade of experience for online and print publications. He has a bachelor's degree in journalism from the University of Victoria and a passion for helping people identify and avoid fraud.

Read full bio
|
November 3, 2025

Signs of a hacked phone include reduced battery life, higher data usage, unusual device behavior, new apps, locked accounts, and receiving 2FA codes.

Want alerts if your personal information is at risk?

Aura keeps you safe from scams, fraud, and identity theft. Free for 14 days with a 60-day money-back guarantee.2

trustpilot 4.5 stars

Rated X.X on Trustpilot, ---

Get Identity Theft Protection
Call 855-647-0703
trustpilot 4.5 stars

Rated X.X on Trustpilot, ---

Illustration showing a warning symbol coming out of the top of a smartphone

Can You Tell If Your Phone Has Been Hacked?

Unfamiliar apps, losing access to your accounts, call and messaging features that suddenly stop working, and performance issues — such as apps crashing, a hot or loud device, and reduced battery life — are all common signs that your phone has been hacked.

While Android devices receive significantly more malware threats than iPhones, all mobile devices can be targeted by cybercriminals.

A 2025 cybersecurity report from mobile security provider Zimperium found that 18.1% of all devices had malware installed.

A hacked mobile device is one of the most dangerous cybersecurity threats of 2025. Scammers target smartphones to gain access to calls and texts (including two-factor authentication codes), apps and accounts (which can include your online banking and email accounts), sensitive data, photos, and videos.

Here are the most common warning signs that your phone has been hacked and how to respond effectively, according to the Federal Trade Commission (FTC), Cybersecurity and Infrastructure Security Agency (CISA), and other mobile security authorities.

12 Warning Signs That Your Phone Is Hacked

Hackers can use a number of methods to hack your phone or online accounts — from malicious links in phishing messages and dangerous apps in third-party app stores, to hacking public Wi-Fi networks or taking over your phone number through a SIM swapping scam.

Regardless of how your phone gets hacked, malware and viruses almost always cause performance issues with phones or services. If you notice any of these warning signs, act quickly to remove the hacker from your phone.

💡 Pro tip: There may be other causes for these warning signs. Use this quick checklist to diagnose where your iOS or Android device has (or hasn’t) actually been hacked:

Symptom What it could mean How to check on iOS How to check on Android
Battery drains quickly Malware or spyware is running in the background. Go to Settings > Battery. Review "Battery Usage by App." Go to Settings > Battery > Battery usage. Review app usage.
High data usage Malicious apps are sending your data back to hackers. Go to Settings > Cellular. Scroll down to view data usage per app. Go to Settings > Network & internet > SIMs > App data usage.
Phone is overheating Malware is overworking your device’s CPU. Check battery usage for apps consuming high power. Check battery usage for resource-heavy apps.
Calls are being forwarded Scammers are intercepting your calls and 2FA codes. Dial *#21# and *#62#. Review results for unknown numbers. Dial *#21# and *#62#. Review results for unknown numbers.
Calls/texts aren’t received A SIM swap attack has given scammers access to your phone number. Check carrier status. Restart phone. Test with multiple contacts. Check carrier status. Restart phone. Test with multiple contacts.
Can’t access apps or accounts Hackers have taken over your accounts and changed passwords. Request a password reset. Enable 2FA to protect accounts. Request a password reset. Enable 2FA to protect accounts.
Slow performance Malware is consuming system memory and processing power. Check storage at Settings > General > iPhone Storage. Close unused apps. Check storage at Settings > Storage. Clear app cache.
Unfamiliar apps Malware or spyware are disguised as harmless-looking apps. Review all app icons, and check Settings > General > iPhone Storage. Review the app drawer and check Settings > Apps > See all apps.
Camera/microphone lights are on Spyware is secretly recording you or your surroundings. Swipe down to open the Control Center. The app using the sensor is listed at the top. Swipe down to see the green icon. Tap it to see which app is using the sensor.
Intrusive pop-up ads There is an adware infection on your device. Check if pop-ups appear only in the browser or across all apps. Check if pop-ups appear outside of the web browser.
🛡️ Protect all of your devices with award-winning digital security. Aura’s antivirus plans combine mobile security tools — such as antivirus software, a VPN, and password manager — with identity and credit protection and 24/7 support — plans start at $3/month.

1. Your phone battery is draining more quickly than usual

Faster than usual battery drain on your phone is a sign that you may have fake or malicious apps running in the background.

Check your phone's battery settings to see which apps are using extra battery life. This can also help you determine if you're dealing with malware or a different issue.

2. Higher than expected data usage on your phone bill

Malware and other viruses may send and receive data in the background, leading to unexpectedly high data usage on your phone bill. You can check which apps are using up your cellular data by going into your phone’s settings and searching for cellular.

3. Performance issues, such as a slow or crashing device

Poor performance, unusual activity, and device crashes are all signs of a compromised phone. If you find apps running sluggishly, or your phone takes too long to open apps, malware could be using up your system's resources.

Do this first: Performance issues aren’t always caused by malware or phone hacks. Sometimes corrupted files or apps need to be reset. On Android devices, you can try rebooting your device in Safe Mode, which will run only a few limited apps and processes. If your device works fine in Safe Mode, you’re dealing with a problematic app that needs to be removed.

4. Your device is abnormally hot

Some malware infections use up so much of your phone’s resources that it may overheat or feel warm to the touch. You can check to see if apps are running in the background and using up your resources. On iPhone, you can simply turn off background app refresh to see if that fixes the issue. Android users need to enable developer options and then look into running services.

📚 Related: How To Check For Viruses on iPhones

5. Unfamiliar apps on your phone’s home screen

Hackers sometimes disguise malicious software as normal-looking apps. Unfamiliar or suspicious apps on your home screen should be checked and deleted. You can look for newly installed apps in your app library on both Apple and Android devices.

This is especially prevalent for anyone using a jailbroken or rooted device, which allows you to download apps outside of the Apple App Store or Google Play Store.

Pro tip: Beware of strange Bluetooth connections. Hackers can use Bluetooth to take control of nearby devices with open-Bluetooth pairing enabled. Bluetooth hackers can also send malicious links and software via Bluetooth through a type of attack called Bluejacking. Though this is a serious threat, users can easily defend against it by disabling open-Bluetooth connections.

6. Constant notifications or pop-ups

Certain malware known as adware can flood your device with pop-ups and notifications, or even launch apps on their own.

If you’re seeing this kind of suspicious activity on your phone, one place to check for adware is in your mobile browser’s extensions. For example, on iOS devices, go to Settings > Safari > Extensions and delete any unknown extensions that could be causing issues.

📚 Related: How To Remove Adware From Android Devices

7. You’re locked out of your Apple ID or Google account

If hackers break into your Apple ID or Google account, they can change your passwords and lock you out of your other critical accounts. If you can’t access your Apple or Google account, consider it a major red flag. Immediately follow the account recovery instructions from both Apple and Google.

Pro tip: Use Aura’s free data breach scanner to check if your phone number or passwords were leaked. If your sensitive information is circulating on the Dark Web — such as your name, address, phone number, or Social Security number (SSN) — you could become an easier target for hackers.

8. You can’t log in to your online accounts

Hackers can use malware to spy on you and uncover your account passwords (known as Account Takeover Fraud). If your passwords aren’t working for your email or social media accounts, this could be a sign that your phone was hacked.

Reset your account passwords (with unique and strong passwords), enable two-factor authentication (2FA), and add secure backup accounts.

📚 Related: How To Know If Your Email Has Been Hacked (and What To Do)

9. You receive 2FA codes you didn’t request

If you receive unrequested two-factor authentication codes, it could be a sign that a hacker is trying to log in to one of your accounts. The good news is that this most likely means that the 2FA security measure is working and your account is safe — for now.

If you receive unusual password reset requests or 2FA codes, perform a security checkup on your Android or iPhone.

10. Your camera or microphone indicator light turns on

Stalkerware and spyware apps can use your phone's camera or microphone to monitor you without your knowledge. If your indicator lights randomly turn on, it could be a sign of a hacked phone.‍

Look for a green indicator light either in the top middle (iOS) or top right corner (Android) of your screen. This indicates that an app is using your camera and/or microphone. An orange light on iOS indicates that an app is just using your microphone.

Here’s how to check which apps are using your camera or mic to see if they’re malicious:

  • On iOS: Pull down from the right corner to reveal your command center. Tap on the app icons in the top middle section to see which ones are using your camera, microphone, or location services.
  • On Android: Swipe down from the top of your screen. Tap once on the indicator to see which apps are using your camera or microphone. Tap again to manage permissions.

You should also check your app permissions on your iPhone or Android phone to see if any unfamiliar apps have access to your phone’s camera or microphone.

📚 Related: How Someone Can Track Your Location (and How To Stop Them)

11. You stop receiving texts or calls

Some scams — such as SIM swapping — allow hackers to take over access to your phone number and reroute text messages and phone calls to their devices. Scammers call your phone provider pretending to be you and request that they transfer your phone number to a device that they own.

  • Check your phone and SMS settings. Look for unknown numbers in the forwarded section.
  • Look for unfamiliar outgoing calls and texts. This could indicate that someone has remote access to your device.
  • Call your mobile phone provider. Ask them to check if anyone has requested a phone number transfer recently.
  • Set up a mobile PIN for extra safety. Request that your provider include a PIN or password to protect your account moving forward.

Pro tip: Use USSD codes to check if someone has set up call forwarding. You can dial special codes to check your phone’s settings — these work across both iOS and Android devices. 

The most useful USSD codes include: *#21# which checks for unconditional forwarding, and *#62# , which checks where calls are forwarded when unreachable. This will give you a concrete answer as to whether or not your phone has been compromised.

12. Websites look different or distorted

A more subtle sign that your device has been hacked is if websites suddenly look different or appear distorted. This could mean that malware is redirecting your web traffic through a malicious proxy server (also known as an "evil proxy"), which allows hackers to spy on you or intercept data that you submit to websites (including your passwords).

⚡️ Get warned fast if your identity is at risk. Aura’s all-in-one solution can monitor your online accounts, SSN, credit, and more for signs of fraud — plans start at $3/month.

How To Remove a Hacker From Your Phone

If you’ve seen any of these warning signs and have determined that it’s not a device issue, you’ll want to take steps to remove any malicious apps or unwanted access to your phone and accounts.

Note: It’s important to follow these steps in chronological order to ensure they’re effective. For example, if hackers have installed keylogger malware on your device (that tracks everything you type) and you update an account password, they’ll still have access to your account.

  • Isolate your device. Most malware requires an internet connection to operate and send data back to hackers. Disconnect your phone from both Wi-Fi and cellular data to sever the connection.
  • Secure your accounts from a safe device. Before you remove malware, make sure critical accounts — email, online banking, Apple ID or Google account, social media, etc. — are secure. Use a separate, uncompromised device, such as a laptop or iPad, to regain access to compromised accounts and update your passwords and 2FA settings.
  • Scan your phone by using antivirus software. Only Android devices can install and run anti-malware software. iOS devices don’t allow third-party apps to scan for viruses, and any security app that markets itself as “antivirus for iPhones” is being dishonest.
  • Manually remove suspicious apps. Uninstall apps you don’t recognize or ones that are using up resources. If you’re unsure about an app's usefulness, research it online or in the Google Play Store or iOS App Store.
  • Review app permissions. For remaining apps on your device, check their permissions and revoke any that seem excessive (for example, location data, access to your contacts, camera or microphone access, etc.). iOS users can use Apple’s Safety Check feature.
  • Remove unrecognized devices from your accounts. If hackers have logged in to your accounts by using their devices, you’ll be able to see and remove them from the your devices section of your Google account or your Apple ID device list.
  • Clear your browsing history, cache, and downloads. Malware can hide in areas of your phone that you don’t normally check. Clear your browsing history and cache, as well as your downloads, to remove hidden malicious software.
  • Notify friends, family, and financial institutions. A hacked device can put others at risk. Tell your contacts not to trust strange messages from you (especially if they contain links), and report the fraud to your bank and credit card company. You may also want to consider freezing your credit with all three major credit bureaus (Experian, Equifax, and TransUnion), and file an official identity theft report with the FTC at IdentityTheft.gov.
  • The nuclear option: Reset your phone to its factory settings. If you’re dealing with lingering issues, you may need to perform a factory reset on your phone. Note that this step will wipe all files and settings from your phone — so make sure you have a secure (and virus-free) backup.

Unfortunately, it’s almost impossible to know the full extent of the damage caused by a hacked phone

Once you’ve cleared up any malicious apps and hacked accounts, take steps to protect yourself against identity theft, fraud, and further scams.

⛑️ Protect your devices with award-winning digital security. Aura’s all-in-one digital security solution defends you against hackers, scammers, and identity thieves (and was rated #1 by CNET, Security.org, and others). Try Aura today — plans start at just $3/month.

How To Protect Your Phone From Hackers and Malware

The best way to protect yourself from hackers is to recognize and avoid their attacks. Make sure you only download apps from official app stores, don’t click on suspicious links, and be on the lookout for warning signs indicating that someone is trying to scam you online.

Then, follow these best practices to keep your devices and accounts secure:

  • Keep your operating system and apps updated to block hackers from using known vulnerabilities
  • Use ad-blockers to prevent malicious ads from stealing your data or serving you adware
  • Set up a SIM lock or SIM PIN to prevent scammers from using your SIM on other devices
  • Ask your mobile service provider about port protection (such as T-Mobile's Port Out Protection), which can prevent SIM swap attacks
  • Use strong passwords, and store them in a password manager for safe keeping, easy access, and to receive warnings if your credentials are leaked in a data breach — follow CISA’s strong password guidance for best results
  • Enable 2FA by using an authenticator app, such as Authy, to prevent hackers from intercepting your 2FA codes sent via text messages
  • Use mobile security tools, such as antivirus (on Android devices), a VPN, and Safe Browsing tools that will warn you of phishing links
  • Activate biometric security, such as fingerprint ID or Face ID, to make it more difficult for criminals to access your device if it’s stolen
  • Lock your phone when you’re not using it (the FTC advises using a six-digit passcode)
  • Maintain regular backups to ensure that you have a virus-free version to revert to if you get hacked
  • Avoid jailbreaking or rooting your device, as this can make you more vulnerable to hacking and malicious apps

Lastly, consider safeguarding your devices, identity, and finances with an all-in-one solution. Aura’s award-winning identity theft protection service combines device security tools with identity and credit monitoring, 24/7 U.S.-based support, and up to $1 million in identity theft insurance.

Get device, data, and identity protection with Aura — starts at $3/month.

    Try Aura’s online safety features risk-free. If you don’t feel safer after signing up for Aura, we offer a 60-day money-back guarantee on all annual plans — no questions asked. See pricing.

    Share this:

    Related Articles

    Fraud

    What Can Scammers Do With Your Phone Number? 7 Real Risks

    Internet Security

    How To Tell If Your Wi-Fi Is Hacked (And How To Fix It)

    Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.