Your phone got hacked and now someone's got control of it. What to do immediately

Kurt "CyberGuy" Knutsson lays out the immediate steps you should take if your phone has been hacked and your personal information becomes vulnerable.

Dec 14, 2024 - 17:00
Your phone got hacked and now someone's got control of it. What to do immediately

Data breaches are becoming alarmingly common, and it’s no longer just massive corporations or government agencies in the crosshairs. Hackers are setting their sights on personal devices like your smartphone. Think about it, your phone holds a staggering amount of your personal information. 

From emails and text messages to banking apps, social media and even your photos, it's a treasure trove for cybercriminals.

The numbers back up the growing threat. The FBI’s Internet Crime Complaint Center received nearly 56,000 reports of personal data breaches last year. California, the most populous state, topped the charts for the most complaints, according to the Identity Theft Resource Center (ITRC). These stats are more than just numbers — they’re a wake-up call.

GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE

It’s a nightmare scenario. Your phone feels off — battery drains faster than usual, strange pop-ups appear, apps you didn’t download show up, or you’re suddenly locked out. Maybe it’s sluggish, overheating or making unexpected calls or texts. Your mind races: "What did they see? What can they do with my information? Can I even fix this?"

Take a deep breath. Yes, it’s unsettling, but you’re not powerless. Knowing what steps to take — and in what order — can make a huge difference in regaining control and stopping the damage. Let’s walk through exactly what to do if your phone gets hacked, so you can protect yourself and bounce back stronger.

BEST ANTIVIRUS FOR MAC, PC, IPHONES AND ANDROIDS — CYBERGUY PICKS

Even if hackers had only brief access to your device, assume they’ve seen sensitive data. Your first task is to remove any malware or spyware.

1. Use strong antivirus software: The easiest and most effective way to start is by installing and running strong antivirus or antivirus software. Avoid unfamiliar apps, as some pose as antivirus tools but are actually malware in disguise. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

After installation, run a full device scan. This will search for hidden threats like spyware, ransomware, or keyloggers that could compromise your information further. Once the scan identifies malicious files, follow the app’s instructions to quarantine or remove them. Be sure to double-check the app’s log to confirm all suspicious activity has been addressed. Most antivirus tools offer real-time protection to monitor for threats as they occur. Turn this feature on to reduce the risk of reinfection. Antivirus programs are only as effective as their latest updates. Cybercriminals continuously develop new malware, so keeping your antivirus database current ensures it can detect the newest threats.

2. Factory reset if needed: If the antivirus software fails to fully restore your phone’s functionality — such as fixing issues like freezing, slowdowns or unexpected shutdowns — you may need to perform a factory reset on your iPhone or Android. A factory reset wipes all data from your phone, returning it to its original state when it left the manufacturer. Before resetting, create a backup of your important files. However, ensure the backup itself is free of malware. Use antivirus software to scan backups before restoring them. Most phones offer a simple reset option in their settings menu under "System" or "General Management." Consult your device manual or manufacturer’s website for detailed instructions.

3. Seek professional help: If you’re not confident in your ability to remove malware or reset your phone, reach out to a trusted professional. Visit the Apple Store, Microsoft Store or an authorized service provider for your phone brand. Explain your situation and ask for a thorough inspection and cleaning of your device. Many retailers offer comprehensive diagnostic and repair services.

4. Abandon hardware only as a last resort: In rare cases, malware can deeply embed itself into a device, making complete removal nearly impossible. If your phone continues to exhibit signs of infection despite using antivirus tools, factory resets and professional help, you may need to replace it. Ensure you completely wipe the device before disposing of it to prevent any residual data from falling into the wrong hands. When setting up a new device, take extra precautions to secure it, such as enabling two-factor authentication and keeping all software up to date.

 THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

Resist the urge to immediately change passwords on a compromised device. Hackers might still have access and could intercept your new credentials, potentially locking you out again. Instead, follow these steps:

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

As we’ve seen, traditional passwords present numerous security challenges — including susceptibility to breaches and phishing attacks — along with the inconvenience of remembering complex combinations. Even with best practices in place, passwords can still be stolen or misused.

This is where passkeys come into play. As data breaches become increasingly common, adopting passkeys can significantly enhance your security. Unlike passwords that require you to remember a string of characters, passkeys utilize biometric authentication or a PIN to streamline the login process while providing protection against unauthorized access.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

Enhanced security: Passkeys are resistant to phishing attacks and reduce the risk of credential theft since they cannot be easily guessed or stolen like traditional passwords.

Convenience: With biometric authentication, logging into apps and websites becomes faster and easier — eliminating the need to remember complex passwords.

Cross-device functionality: Passkeys work seamlessly across different devices linked to the same account — providing a unified login experience.

Here's how to set up passkeys on both iPhone and Android devices so that you can secure your personal information.

Setting up a passkey on iPhone 

How to create a Passkey on iPhone

Setting up a passkey on Android

Settings may vary depending on your Android phone’s manufacturer.

How to create a passkey on Android:

Settings may vary depending on your Android phone’s manufacturer.

HOW SCAMMERS USE YOUR PERSONAL DATA FOR FINANCIAL SCAMS AND HOW TO STOP THEM

With your device clean, focus on protecting your financial and personal information.

Credit reports: Contact Equifax, Experian and TransUnion to place a fraud alert and security freeze on your credit reports. Regularly check your credit reports for unauthorized activity. Contacts: Equifax: 1-800-525-6285,Experian: 1-888-397-3742, TransUnion: 1-800-680-7289.

Financial institutions: Update passwords and enable two-factor authentication (2FA) on your bank accounts. This enhances the security of your financial information. Inform your financial institutions about the breach. Some banks allow you to set up verbal passwords for added security.

Driver’s license: Submit a Fraud Review of Driver License/Identification form to your local Department of Motor Vehicles (DMV).

Social Security account: Create a my Social Security account if you don’t already have one. Monitor it for any unusual activity. Regularly review your account statements to ensure no unauthorized changes have been made.

Taxes: Obtain an Identity Protection (IP) PIN from the IRS to prevent fraudulent tax filings. File your taxes early to outpace potential fraudsters. You can get an IP PIN by visiting the IRS official website.

Identity theft protection: Identity theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account.  They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. 

One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.

Getting your phone hacked is a sobering reminder of how vulnerable we are these days. Yet, the experience doesn’t have to be catastrophic if you act quickly and methodically. Start by addressing the immediate threat of malware, secure your accounts and assets, and implement proactive measures to prevent future breaches. Think of these steps as your digital emergency kit — essential tools to help you regain control when things go wrong. Remember, your digital security is only as strong as the precautions you take today.

Have you ever experienced a phone hack or dealt with a cybersecurity breach? Share your story, your questions or the steps you took by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.