Back to my results
Print or Download as PDF

Your phone likely contains many pieces of sensitive information, such as your address, historical locations, credit card numbers, photos, videos, email addresses, contacts, and more. If someone wrongfully gains access to your phone, they may be able to access this information, or even applications that you’re already logged into so they can steal even more information.

 

How you respond will depend on how the phone was compromised:

  • Your device may be accessed physically, when a person steals the device or uses a password they should not have known, or
  • Your device may be accessed remotely when it is infected with a virus, malware, or spyware after you click a suspicious link or download a malicious app.

No matter what type of device was compromised, the following, immediate steps can help lock down your phone and potentially kick out anyone who wrongfully gained access. These steps will also lead you through identifying the right organizations and companies that can help you regain control. 

These are critical steps that should be taken in the following order:

  1. Disconnect the phone from Wi-Fi or internet connection.
  2. Turn off Bluetooth.
  3. Log out of all accounts on the device (social media, email, apps, etc.)
  4. See who has access to your accounts or which devices are signed in:
  5. It is recommended you reboot to safe mode to disable all third-party apps that may be running in the background. 
  6. Cancel any credit cards linked to your device.
  7. Change the password on the phone you believe is compromised, as well as any accounts that are accessed through the phone.

DO NOT try to back up your compromised device until it has been fixed because nasty malware infections can be duplicated in a device backup.

We’ve outlined some next steps for you to consider. If you put several of these into practice, you’ll be safer day-to-day.

 

  • A compromise may be a result of device theft or from someone abusing a password they shouldn’t know. If this is the case, use a new, unique device password and do not share it with people you do not trust.
    • Use a password manager and create and store unique passwords for each individual online account. Repeat passwords are one of the biggest vulnerabilities in many types of online scams.
  • If you really want to improve your security, download an MFA “authenticator” app, which is used specifically for multi-factor authentication (MFA) codes. To learn more about MFA and how to use it, read our FAQ.
    • Speaking of MFA, never share the one-time passcodes that are sent to your phone or email inbox with anyone; and remember that no legitimate company will ever ask you for the one-time passcode over the phone or in a customer support chat.
  • Log out of your accounts and apps rather than leaving them open when not in use.
  • Avoid using free public Wi-Fi without a VPN. This will shield your account information and activity from scammers.
  • Download an antivirus scanner for your device to specifically look for viruses and malware that can spy on your digital activity (sometimes called “spyware” or “stalkerware”).
  • Update your software to the latest version.
  • Get help from a professional who can assess the situation and determine whether your device is infected with malware, who else may have access to your device, and how to safely reset important settings. Help is available at many companies and organizations, such as:
    • The company that made your device (for example, visit a Genius Bar for Apple devices).
    • Companies that make cybersecurity products that you currently use on your devices.
    • Nonprofit and community-based tech clinics. 
  • If you are no longer receiving calls/messages or are receiving calls/messages not meant for you, contact your phone carrier (it is possible there was a SIM card swap). 
  • Reset your lock screen passcode through the device’s settings screen.

If your phone was compromised

 

General information on device compromise

 

Recognizing and preventing future incidents

Back to my results

Warn others (report a scam)

Good job taking control of the situation! We recommend taking a few moments to report the scam to the BBB, which can help us fight fraud. If you haven’t already, please consider reporting the incident you encountered to BBB Scam TrackerSM, our prevention and reporting platform.

 

Reporting the scam to the proper channels can help law enforcement shut down scam operations that prey on others; BBB shares its data with the Federal Trade Commission (FTC). Scam submissions are published on BBB Scam TrackerSM, which enables the public to search the reports and determine whether they are being targeted. BBB Scam TrackerSM reports are also used to publish timely research and consumer education resources. Report your scam incident to BBB Scam TrackerSM. 

Avoid future scams (learn how)

Research indicates that possessing knowledge about scams and scam tactics can help people spot and avoid scams that will inevitably target them. The unfortunate truth is that scammers will always try to steal data, money, and important information from people.

 

Even when scammers are caught, others will replace them. The best defense, then, is to understand what a scam looks like and how to respond. Protect yourself and your loved ones by learning more about scam types and tactics by visiting BBB’s Scam Prevention Guide.