If you suspect that your mobile may be compromised, there is a series of indications that you can collect to find out if there is indeed something extra installed that is recording your movements or not.
Is it a modified mobile?
Mobile operating systems are much more “closed” than PC ones, so it is relatively difficult for malware to reach them just like that. An exception to this happens when you bought the mobile second hand and it has signs of having been modified. For example, it is an Android mobile that has installed a Custom ROM or a jailbroken iPhone.
That the mobile has been modified does not mean that it is spying on you, but it does make it easier for whoever modified it to have hidden spyware inside that was not there from the factory. To find out if the mobile has been modified, you can see the status of the Google Play certification. If so, and if you suspect that it could have been modified with the aim of spying on you, the most sensible thing to do is to restore its factory firmware.
By the way, there have been cases of suspicious software pre-installed on mobile phones, although it is still the exception. Android mobile software must be tested by Google prior to certification in order to include Google Services. Once again, the fact that the mobile has been modified does not imply that it has malware, but there is more likely to hide it if so.
Check calls and SMS
One way to know if the mobile is doing “strange things” is check call history and SMS. Are there calls registered that you have not made? Taking into account that the malware could manipulate the call log by adding or removing it, it is best to consult the list directly from your operator.
An important fact is to check if any call forwarding is active, so that all calls that come to your phone number go to another number. You can see the steps to activate and deactivate call forwarding on an iPhone and Android mobile in this article.
Even more important are the SMS received, especially those account verification messages. Spyware could intercept SMS messages from your mobile and send the use codes to another person, so that they could register the WhatsApp number on another phone, for example.
It is also worth checking if there suddenly seems to be new password requests or password reset, which you can find out either by checking SMS messages or your emails. Again, it could be that the “spy” is intercepting your emails to change your passwords and thus have access to your accounts from another device.
Finally, it never hurts to review if suspicious messages have been sent to all your friends on Facebook, Twitter, by mail or any other method. Although the tracks could be removed by the malware, you will usually find out about it because your friends will write to you asking about it.
Pay attention to notifications
The iOS notice when an app accesses the clipboard
Over time, both Android and iOS have added features to improve your privacy and security, in many cases through notifications. For example, the latest versions notify you when an application access microphone, camera or location. It never hurts to review these notices and check that they make sense: Google Maps accessing the location is normal; that the flashlight app does it, not so much.
On more mundane ground, if someone has activated share location in real time using Google Maps or other apps, notifications will appear from time to time letting you know about it. If you don’t pay attention to notifications, you won’t know about it.
It’s not just system notifications you should pay attention to, but suspicious notifications from potential spy appsespecially those that are permanent and do not belong to any application you have installed.
check the apps
Possibly the best way to know if the mobile has been hacked and/or contains spyware is Thoroughly review the list of installed appslooking for any non-system apps that you didn’t install.
You will have to pay attention, as many of these spy applications use generic names to try to go unnoticed, such as System Update, Sys Options and similar options. The best way to know if they are who they say they are is to see if they can be uninstalled. If yes, they are not system apps.
To find suspicious applications you can use the list of apps that consume more battery, where you must use your critical eye to distinguish between what makes sense and what doesn’t. Again, a game you’ve been playing all day using a lot of battery is normal; Let the flashlight app you haven’t even opened do it, no.
Another fact that may be interesting is to review the applications that consume more dataAlthough it will only highlight a spy app if it is stealing a large amount of data, such as all your photos and videos. Stealing passwords and texts hardly uses any data.
Finally, it never hurts review apps that have location access, and it is that it is one of the juiciest data for anyone who is using your own mobile to spy on you. Another good idea would be to do the same with the access to the camera and microphone.
Activate Play Protect on Android phones
Android phones have their own antivirus built into Google Play, called Play Protect. This antivirus can stop a lot of malware and potentially harmful applications, so it is possible that if the mobile is hacked, Play Protect is disabled.
To check the status of Google Play Protectopen Google Play, tap on your profile picture and choose Play Protect on the menu. If it is disabled, it will appear in red. Activate it and press scan now to do a mobile analysis. Again, the fact that Play Protect is disabled does not mean that the mobile is compromised, although it is a good clue that there is something wrong, since it is active by default.