“If you’ve typed ‘your iPhone has been hacked’ into a search bar, the Bitdefender team says, you’re already in crisis mode.” As I’ve pointed out before, despite the hype iPhones can be hacked, and you need to watch for red flags and take precautions.
Bitdefender lists “7 signs your iPhone has been hacked” and includes some guidance on how to follow up any initial suspicions with some simple device checks.
- Unusually fast battery drain, unexplained by what you’re doing on the phone
- Unexpected data spikes, which you may not see but can easily check for
- Unrecognized apps on your home screen
- Contacts saying they received messages from you which you didn’t send
- An alarming spike in pop-ups when browsing online
- Continual password prompts for your core Apple ID
- Unrecognized VPNs or MDM profiles, again which you need to check for.
So, how do you prioritize this list? The first thing you’ll notice is battery drain and maybe your iPhone running hotter than expected given what you’re doing at the time. That’s a good prompt to play detective and check some of these other settings.
Other signs will be more reactive — pop-ups and password prompts, unexpected apps or friends asking about weird messages from your number. If any of that happens, check your data usage, VPN/MDM profiles and which apps are consuming your battery.
Most of these settings are easy to find. The VPN/MDM profiles are under Settings > General, and you should not see anything you or your employer haven’t installed.
iPhones do a good job of sandboxing apps, making it more difficult for attacks to jump around from a compromised app over to your other platforms. But it does happen. And just because you have an iPhone, doesn’t mean you can ignore usual good housekeeping guides around opening attachments, clicking links and installing apps.
The biggest threat to iPhone users has nothing to do with malware or phone hacks. It’s attackers stealing security credentials for your Apple, Microsoft or Google accounts.
This will come by way of emails or texts with urgent lures prompting you to log into a platform to check settings or change passwords. Or it could be a payment link for a missed delivery or unpaid toll or refund. This is a billion-dollar scam industry.
If you really do think you’re been hacked, Bitdefender has a five-point plan:
- “Change all your passwords from a clean device,
- Change all your passwords from a clean device,
- Scan and clean the device,
- Contain risk with Lost Mode,
- Reset and restore only when needed.”