Your phone holds everything — bank apps, texts, photos, passwords, health data. If an attacker gains access, the damage is immediate and often invisible. Most people have no idea they've been compromised until the money is already gone.

Here are five concrete warning signs that your phone may have been hacked, and exactly what to do if you spot them.

1 Battery Draining Unusually Fast

A sudden, unexplained drop in battery life is one of the earliest signals of a compromise. Malicious apps and spyware run continuously in the background — monitoring your location, recording calls, uploading screenshots — all of which burn through battery at an accelerated rate. If your phone used to last all day and now dies by noon without any change in your usage habits, something else is consuming that power.

This is especially telling if the drain persists even when your phone is idle. Normal apps slow down when you're not actively using them. Malware doesn't.

⚡ What to do

Open your battery settings and review which apps are consuming the most power. Look for anything you don't recognize or apps you haven't opened recently. On iPhone, go to Settings → Battery. On Android, Settings → Battery → Battery Usage. Flag any unfamiliar app and research it before dismissing it as harmless.

2 Unfamiliar Apps or Settings Changes

Finding apps on your phone that you didn't install is a direct red flag. Attackers often install stalkerware, keyloggers, or remote access tools disguised as system utilities or legitimate-looking apps. These can appear as "System Service," "Phone Manager," or misspellings of well-known apps. Similarly, if your device settings — screen timeout, permissions, default browser — have changed without your input, something has been at work on your device.

Pay particular attention to apps that have been granted accessibility permissions, camera access, or microphone access without your knowledge. Those are the highest-value permissions for a surveillance payload.

🔍 What to do

Go through your full app list — not just the home screen. On iPhone: Settings → General → iPhone Storage. On Android: Settings → Apps. Sort by install date. For anything suspicious, revoke all permissions immediately and uninstall. Then review Settings → Privacy → Permission Manager to audit which apps have access to your microphone, camera, contacts, and location.

3 Spike in Data Usage You Can't Explain

Spyware and remote access trojans need to transmit the data they collect — your messages, call recordings, photos — back to whoever controls them. That transmission uses your mobile data. A sudden spike in data consumption that doesn't match your usage (no new streaming apps, no video downloads) is a strong indicator that something is exfiltrating data in the background.

This is particularly suspicious if high data usage occurs when your phone is sitting idle or while connected to Wi-Fi — behavior that suggests a background process specifically avoiding obvious detection.

📡 What to do

Check your data usage breakdown. iPhone: Settings → Cellular → scroll down to see per-app usage. Android: Settings → Network → Data Usage → App Data Usage. Look for apps consuming data that have no reason to — a calculator app using 200MB should stop you cold. Reset the statistics at the start of each billing cycle to catch anomalies early.

4 Strange Texts, Calls, or Emails Sent From Your Accounts

If contacts tell you they received weird messages from you — spam links, requests for money, strange photos — and you didn't send them, your accounts have been compromised. This can happen through SIM swapping (where an attacker hijacks your phone number), account takeover via stolen credentials, or malware that directly accesses your messaging apps. It's not a glitch. It's someone using your identity.

The same applies to unfamiliar entries in your call history or emails in your "Sent" folder that you never wrote. Attackers often purge these traces after sending, so even a brief anomaly matters.

🚨 What to do

Check your sent messages across every app — iMessage, SMS, WhatsApp, Gmail, Instagram DMs. If you find anything you didn't send, immediately change your passwords, starting with email (it's the master key). Enable two-factor authentication everywhere. Contact your carrier to verify your SIM hasn't been transferred. Tell anyone who received suspicious messages to ignore them and not click any links.

5 Your Passwords Stop Working

Being locked out of your own accounts is the most visible sign that an attacker is already inside. Once they have your credentials, changing your password is a standard move to maintain control and lock you out. If you suddenly can't log into email, social media, or banking apps with passwords you know are correct, you're dealing with an active account takeover — not a forgotten password.

This is especially urgent when it happens to your primary email address, because most account recovery flows route through email. An attacker who controls your email can chain-access everything else.

🔐 What to do

Use the "Forgot Password" flow on a device or network you trust — not the same phone you suspect is compromised. Recover your email account first, then every account linked to it. Enable two-factor authentication using an authenticator app (not SMS if you suspect SIM swapping). After regaining access, review active sessions and sign out all devices. Consider a hardware security key for your most critical accounts.

💀

SkullSnare identifies exactly who broke into your device and what they stole.

One scan surfaces your full breach history — every data point exposed, every account compromised, with a risk score and legal-ready evidence report.

Scan Now
One scan · $20 · Results in seconds
Related Reading
→ Is Someone Spying on Your Phone? 7 Warning Signs → Is Someone Spying on Your Phone? 7 Warning Signs (And What to Do) → What To Do If Someone Hacked Your Phone: A Step-by-Step Guide → How to Check If Your Email Was in a Data Breach (2026 Guide) How to Check If Your Wi-Fi Has Been Hacked — Signs, Fixes, and Prevention