Secure Your Phone After a Scam
If a scam involved your phone — whether you installed an app, gave remote access, or shared codes — here's how to clean up and secure it.
Last reviewed: 1 June 2026
First 10 minutes
- Do not hand over or send your phone to anyone offering to 'fix' it remotely
- If you gave someone remote access, disconnect from Wi-Fi and mobile data immediately
- From a separate trusted device, change passwords for banking, email, and key accounts
- Go to your phone's app list and identify any apps you do not recognise
- Check screen-time or accessibility settings for apps with unusual permissions
First 24 hours
- Uninstall any apps you do not recognise or were told to install
- Revoke permissions (camera, microphone, accessibility, contacts) for suspicious apps
- Run a reputable mobile security scan
- Enable your phone's screen lock and ensure it has not been disabled or changed
- Check your carrier account for unexpected changes (new devices, SIM order history)
Contact your bank or payment provider
- If banking apps were open during a remote-access session, call your bank and report it
- Ask your bank to review recent transactions and add monitoring to your account
- Consider temporarily disabling mobile banking until the device is clean
Evidence to preserve
- Screenshot the list of installed apps before uninstalling anything
- Note the app names and sources (e.g. direct APK install rather than official store)
- Record any phone numbers or contact methods used by the scammer
- Save any messages or emails used to trick you into installing an app
Secure your accounts and devices
- Change passwords for email, banking, and social media accounts from a clean device
- Check your email for forwarding rules or new connected apps
- Enable two-factor authentication using an authenticator app rather than SMS
- If you are unsure the device is clean after uninstalling suspicious apps, perform a factory reset
- After a reset, restore from a backup made before the suspected compromise
Report it
- Report to your national fraud/cybercrime service
- Report to the platform, bank, or provider involved
- Keep any reference numbers you're given
Scams involving your phone can leave behind apps, permissions, or settings that allow ongoing access even after you have stopped contact. The goal of a clean-up is to remove all potential access points and confirm your accounts are secured.
For most people, removing unknown apps and revoking unnecessary permissions is sufficient. If you gave someone full remote access (via TeamViewer, AnyDesk, or similar), or installed an app from outside the official app store, a full factory reset may be the safest option.
Do your banking and password changes from a computer or a second phone while you are cleaning up, so you are not relying on a device that may still be compromised.
Frequently asked questions
How do I know if there is still spyware on my phone?
Signs include unusual battery drain, overheating, unexpected data usage, or apps you do not recognise. Run a reputable mobile security scan. If in doubt, a factory reset is the most thorough option.
Is a factory reset safe? Will I lose everything?
A factory reset removes all apps and settings. Back up photos, contacts, and important files to a cloud service or computer first, then restore from that backup after the reset. Avoid restoring from a backup made after the suspected compromise.
The scammer said they installed something to protect me — is that possible?
No legitimate company installs software by calling you and asking for access. What was installed is most likely a remote-access tool or surveillance app. Remove it and clean the device.
Should I get a new phone?
Usually not necessary. A factory reset and clean reinstall of your apps is sufficient for most cases. A new device may be warranted if the phone's firmware has been tampered with, which is rare.