What should I do if I installed a suspicious app on my phone?
Uninstall the app immediately, revoke its permissions, change passwords for any accounts accessed on the device, and run a malware scan.
Last reviewed: 10 June 2026
Explanation
A suspicious app may do nothing harmful, or it may be silently logging keystrokes, forwarding messages, recording your screen, or acting as a remote-access backdoor. Since you cannot easily tell which is true from the outside, the safest course is to act as though compromise has occurred and clean up accordingly.
First, uninstall the app. On Android, go to Settings > Apps and force-stop it before uninstalling, to prevent it from running cleanup routines. On iPhone, delete it from the home screen or via Settings > General > iPhone Storage. After removal, review the app permissions list in your phone settings to confirm nothing from the app remains. Poorly coded apps sometimes leave behind configuration files, though this is uncommon on managed mobile operating systems.
Change passwords for any accounts you accessed while the app was installed, starting with your email and banking apps. If you entered passwords into any website or app while the suspicious app was on your phone, those passwords should be considered potentially exposed. Enable two-factor authentication on accounts that don't already have it.
Run a reputable mobile security scan. Most major antivirus vendors offer free Android scans; iPhone malware is rarer but tools exist. If you have significant concerns, particularly if the app was installed for a long time or you noticed unusual behaviour, a factory reset is the most thorough option — just make sure you back up only your data (photos, contacts, documents) and not app data that might carry over the infection.
Common red flags
- App asked for permissions that seem unrelated to its stated purpose (e.g., a torch app wanting microphone access)
- You downloaded it from outside the official App Store or Google Play
- Someone sent you a link to download it and asked you to allow installation from unknown sources
- You noticed unusual battery drain, data usage, or device heating after installing it
- The app had very few reviews or a suspicious developer name
- It requested accessibility permissions, which grant very broad device control
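A triage sketch for two of the Android red flags above, added here as an example and not part of the original page: it parses the output of `adb shell pm list packages -3 -i` and `adb shell settings get secure enabled_accessibility_services` and flags user-installed apps that were not installed by Google Play or that hold an enabled accessibility service. The package names and sample output are constructed, and the output layout is assumed from stock Android.

```python
# Inputs: text output of two adb commands, run from a computer with USB
# debugging enabled (output layout assumed from stock Android; it can vary):
#   adb shell pm list packages -3 -i
#   adb shell settings get secure enabled_accessibility_services
OFFICIAL_STORES = {"com.android.vending"}  # Google Play; add your vendor's store
# Constructed sample output, not taken from a real device.
SAMPLE_PACKAGES = """\
package:com.example.notes  installer=com.android.vending
package:com.example.torchlight  installer=null
package:com.example.cleaner  installer=com.android.chrome
"""
SAMPLE_A11Y = "com.example.torchlight/com.example.torchlight.HelperService"


def parse_installers(text):
    """Map package name -> installer package (None when none was recorded)."""
    result = {}
    for line in map(str.strip, text.splitlines()):
        if not line.startswith("package:"):
            continue
        name, _, rest = line[len("package:"):].partition("installer=")
        installer = rest.strip()
        result[name.strip()] = None if installer in ("", "null") else installer
    return result


def parse_accessibility(text):
    """Return the packages that have an enabled accessibility service."""
    text = text.strip()
    if text in ("", "null"):
        return set()
    return {comp.split("/", 1)[0] for comp in text.split(":") if comp}


def triage(packages_text, a11y_text, stores=OFFICIAL_STORES):
    """Return {package: [red flags]} for user-installed apps worth a closer look."""
    enabled = parse_accessibility(a11y_text)
    findings = {}
    for pkg, installer in parse_installers(packages_text).items():
        flags = []
        if installer not in stores:
            flags.append(f"not installed by an official store (installer={installer})")
        if pkg in enabled:
            flags.append("accessibility service enabled")
        if flags:
            findings[pkg] = flags
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE_PACKAGES, SAMPLE_A11Y))
```

A flagged app is a candidate for review, not proof of malware: legitimate apps from other stores and legitimate accessibility tools will also appear here.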
What to do now
- Uninstall the app immediately — force-stop it first on Android
- Review and revoke all remaining app permissions in your phone settings
- Change passwords for your email, banking, and social accounts from a different device
- Enable two-factor authentication on accounts that didn't have it
- Run a reputable mobile security scan
- Check your bank and email accounts for any unusual activity
- If the app was installed for weeks or you have serious concerns, consider a factory reset
Frequently asked questions
I installed the app from Google Play — does that mean it's safe?
Not necessarily. Google Play Protect scans apps, but malicious apps occasionally pass initial review before being removed. Unusual permissions and post-install behaviour are still worth investigating.
Can a suspicious app affect my accounts on other devices?
Not directly, but if it captured your passwords or OTPs, the attacker could use those credentials on any device. Changing your passwords from a clean device closes that window.