7 ways to prevent your iPhone from being hacked
- Your iPhone can get hacked, although it’s not very common, and iPhones are more secure than Androids.
- To protect your iPhone, don’t click on suspicious links or provide your personal information.
- If your iPhone has been hacked, you may need to factory reset it or get a replacement.
iPhone hacks aren’t incredibly common, but they can still happen if you’re not careful.
From malware and rogue apps downloaded from the App Store to targeted attacks on a specific device, your information can be stolen in countless ways.
Hacking occurs when someone else accesses private information on your device or controls it without your consent. It is a broad term, and lies on a gradient from bad to very serious.
Here we’ll break down the common types of hacks, how to find out if you’ve been hacked, and what to do about it.
1. Keep your iPhone updated
It is generally good advice to always keep your devices up to date with security updates.
This also applies to iOS software updates. The updates include fixes for vulnerabilities that could open your iPhone to hackers.
2. Avoid clicking on suspicious links
Just like on your computer, your iPhone can be hacked by clicking on a suspicious website or link. If a site looks or feels “off” check the logos, spelling or URL.
Try to avoid connecting to a password-free public Wi-Fi network, which opens the possibility for a hacker to access unencrypted traffic on your device or redirect you to a fraudulent website to gain access to login information. It’s best to also consider messages from numbers you don’t recognize as suspicious – so don’t click on any links you get from spam texts.
Fortunately, modern smartphones are good at resisting malware and ransomware, reducing the risk of hacking.
3. Don’t download shady apps
Apple devices exist in a much more closed and monitored digital ecosystem compared to Android devices. This usually keeps them much safer as Apple screens apps; however, the process is not bulletproof.
Ning Zhang, who heads the Computer Security and Privacy Laboratory at Washington University in Saint Louis, says to be wary of apps that ask for more information than they need to function.
For example, if you’ve downloaded a wallpaper or flashlight app and it asks for your location or contact list, camera or microphone, that’s a red flag. The developers are probably tricking you into giving this information out so it can be sold.
“I would be a little skeptical about it and consider whether I really want that background app,” Zhang says. “Being vigilant, even with official apps, is helpful. If we’re able to do that, I think for the average person, you should be pretty safe.”
4. Use a strong password
If you back up your phone in iCloud, make sure you have a strong password. If someone gets hold of your password, they don’t even need to hack your phone because they can download a backup from the cloud.
Turning on Apple’s two-factor authentication is another good way to stay safe and can prevent your iCloud account (Apple ID) from being hacked by requiring another step of verification.
Vyas Sekar, a professor of electrical and computer engineering at Carnegie Mellon University, says being safe is about “good digital hygiene.”
“Install apps from trusted sources, and unless you know what you’re doing, you probably don’t want to jailbreak your phone,” Sekar said. “Be careful. Don’t click on attachments you don’t want to open and keep your phone updated.”
5. Don’t jailbreak your iPhone
Jailbreaking the iPhone refers to removing the software restrictions imposed on iOS. While this appeals to some people, it also opens you up to potential vulnerabilities in the software because you’ve eliminated some of Apple’s existing security measures.
It’s possible to download incompatible spyware or malware apps onto a jailbroken phone, and that’s also how remote takeovers can happen with iPhones. A jailbroken phone should be avoided as it can dangerously allow malicious apps to go undetected.
6. Be wary of intimate partner hacking
Abusive partners can take your phone and download spyware (or stalkerware) when you’re not looking. This malicious software can be used to track your location, or make private information such as text messages, call history and emails available to them.
All they need is your password and physical access to your phone. Experts we spoke to said this is unfortunately common. This abuse can be psychologically traumatizing and devastating to someone’s personal and public life. If you notice apps you don’t remember downloading, this could be a sign – although many times the spyware app is invisible on the home screen.
Unfortunately, this problem is not easy to fix. Victims can risk their security by deleting the apps or checking for malware if and when attackers notice these actions.
7. Watch out for targeted attacks
The average person probably won’t be singled out and remotely targeted by hackers because it’s expensive, sometimes costing millions to hack newer phones, said Matthew Green, an associate professor at the Johns Hopkins Internet Security Institute.
Journalists and activists are most vulnerable to this type of hack. One form of targeted hacking works like this: Hackers exploit unknown bugs in the iOS programming that even the developers don’t know about. With this knowledge, hackers can install malware to extract data from targeted sources.
“This is a very sophisticated set of hacks and often you won’t even know this happened to you,” says Green. “If it’s somebody that’s really sophisticated, they’re going to send you an invisible text message and your phone is going to be compromised for a while.”
The bugs are known as “zero-day” exploits, which equates to the fact that Apple will find out about a possible security issue in its software on the same day it will work on patching it. Once the world knows, it’s only a matter of time before the hack is obsolete. That’s why these expensive hacks are often kept hidden by the people, or the government, who buy them, says Green.
The NSO Spyware group’s Pegasus malware is a particularly nasty example, but these types of hacks are generally reserved for those nation-states that consider themselves high-value targets.
How to find out if your iPhone has been hacked
You can’t always tell if your iPhone has been hacked, says Sekar. But you may notice a few things.
- Your phone is unusually hot, or dies frequently.
- Your phone is slow when trying to load websites.
- The battery drains even when you don’t touch the phone.
These symptoms indicate that the phone is running all the time, even when you are not using it. Sometimes the best indicators come from the outside, like when friends say they’re getting weird messages from you. However, the most sophisticated hacks can be somewhat invisible.
There is no surefire way to check for every type of hack. Experts told us that a reliable way to check is to download a mobile security app called iVerify, which scans your phone’s operating system for suspicious behavior and can also detect if your phone has been jailbroken.
What to do when your iPhone has been hacked
For minor problems, such as an app stealing your information, delete the app and update the software. In severe cases, you will want to wipe your iPhone and restore it to factory settings. But even if you do, it can be felt that it’s completely clear if you’ve gotten rid of malware installed on your phone — especially if it’s been jailbroken.
Finding an expert for inspection may be the best solution, and your phone cannot always be cured.
“I hate to say this, but if you really need to be safe, get a new phone,” says Green. “If someone actually gets on your phone, and it’s a very high barrier for iPhones, they can install things like keyloggers, which means that every keystroke, every letter you type is sent to someone. Until you’re sure it’s gone, you can’t be sure you have any privacy.”
If you can’t get a new phone right away, a hacked iPhone is probably not safe to use, so it’s best to leave it turned off.