Dealing with a Compromised Device
Having a compromised device can be deeply unsettling and frightening. You may feel vulnerable knowing that someone could be accessing your personal information, reading your messages, monitoring your activities, or even watching you through your camera. This violation of your digital privacy can impact not just your security, but your peace of mind and sense of safety. Whether this compromise is from malicious software, a cybercriminal, or someone you know, you have the right to feel safe and in control of your own devices. This guide will help you identify if your device has been compromised and take back control.
What “compromised” means
A compromised device means someone or an application is accessing your device without your permission. This could happen if
Malicious software has been installed on your device
A virus is sending your data to someone else
Someone can control your screen or camera remotely
Keyloggers that record everything you type, including password
Device compromise is often used for financial theft, stalking, harassment, or gathering personal information for blackmail or fraud.
How do I know if my device is compromised?
These are signs that may indicate your device has been compromised. If you notice multiple signs together, take action immediately.
| Possible sign | What it may mean |
| You see apps or programs you don't remember installing | Someone or something added them |
| Pop-ups, adverts, or messages appear that are not expected | Could be fake alerts or scams |
| Webpages or searches look different than usual | Your settings might have been changed |
| You get login alerts for accounts you didn't access | Someone else could be signing in |
| Your camera or microphone light comes on unexpectedly | Possible spying software |
| You get ransom messages or can't open your files | Possible ransomware |
| Your friends receive strange messages from you | Your device or account might be used to spread scams |
Simple steps to check your device
Look for unfamiliar applications
Open your list of installed apps or programs.
Delete any you don’t recognise or remember installing.
Be especially wary of apps with strange names or missing icons.
Check for updates
Make sure your phone, computer and apps are up to date.
Updates often fix security holes that attackers use.
Run a full virus scan
Open your antivirus or security app (most devices have one built in).
Choose “Full Scan” or “Deep Scan”.
Let it run to completion and follow any instructions to remove threats.
Restart your device
Sometimes restarting can stop unwanted software from running.
It can also help the system apply any updates or security fixes.
Check your accounts
Look for any “new sign-in” or “unusual login” emails.
If you see something suspicious, change your password right away.
Turn on Two-Factor Authentication (2FA) for all accounts (like email, banking, and social media).
What to do if you believe your device is compromised
Disconnect from the internet
Turn off Wi-Fi or mobile data, this can stop the attacker from accessing your device.
Back up important files
Save copies of your photos, documents, and contacts to a trusted cloud account or an external drive.
Run another full virus scan
Follow the instructions to remove or “quarantine” anything suspicious.
Change your passwords
Use new, strong passwords for your most important accounts.
Don’t reuse passwords between accounts.
Ask for expert help
If the problem keeps returning, don’t try to fix it alone, contact The Cyber Helpline or a local trusted IT professional.
Report the crime
Device compromise is a crime and should be reported to the police, particularly if:
You've lost money or experienced identity theft
You believe someone is stalking or monitoring you
You're receiving threats or demands
The compromise is part of domestic abuse or harassment
If the compromise is related to stalking or domestic abuse, also contact specialist support organizations who can provide additional help alongside the police investigation.
How to prevent device compromise in future
Taking these preventative steps will significantly reduce your risk of device compromise:
Keep your software updated
Enable automatic updates for your operating system, apps, and security software
Install updates promptly - they often fix security holes that attackers exploit
Remove old, unused apps that are no longer supported with security updates
Use strong password practices
Create strong, unique passwords for every account - at least 12 characters with a mix of letters, numbers, and symbols
Never reuse passwords between accounts - if one account is compromised, all accounts with the same password are at risk
Use a password manager to securely store and generate strong passwords
Never share your passwords with anyone or write them down where others can find them
Enable two-factor authentication (2FA)
Turn on 2FA for all important accounts, especially email, banking, and social media
Use an authenticator app (like Google Authenticator or Microsoft Authenticator) rather than SMS when possible, as it's more secure
Be cautious online
Don't click suspicious links or download unexpected email attachments, even if they appear to be from someone you know
Verify before you trust - if you receive an unexpected message asking you to click a link or download something, contact the person directly through another method to verify
Be wary of public Wi-Fi - avoid accessing sensitive accounts or entering passwords on public networks. Use a VPN if you must use public Wi-Fi.
Only install apps from official stores - use Google Play, Apple App Store, or Microsoft Store. Avoid downloading apps from websites or third-party stores.ç
Protect physical access to your devices
Use a strong PIN, password, or biometric lock on all devices
Never leave devices unattended and unlocked in public places or around people you don't fully trust
Be cautious about who you give your device to, even temporarily
Turn off your device or lock it if you need to leave it somewhere
Review your security settings regularly
Check your installed apps monthly and remove anything you don't recognize or no longer use
Review account login activity on your email and social media to spot unauthorized access
Check device permissions and remove unnecessary access to your camera, microphone, location, and files
Review your social media privacy settings to limit what information is publicly visible
Back up your data regularly
Make regular backups of important files, photos, and documents
Store backups securely in the cloud or on an external drive kept separate from your device
Test your backups occasionally to ensure they work
This ensures you can recover if you need to perform a factory reset
Be careful what you share online
Limit personal information on social media - avoid posting your address, phone number, daily routines, or real-time location
Turn off location tagging on photos and posts
Be selective about friend requests - only connect with people you know in real life
Review what others post about you and ask them to remove sensitive information if needed
Get additional support
If you need more help or have concerns about your situation:
Contact The Cyber Helpline - If you've followed this guide and still have issues, get back in touch with us through our chatbot or helpline for further support.
Seek professional IT help - If you're not confident following these steps or the problem persists, ask a trusted IT professional or tech-savvy friend for help. Many local computer repair shops can assist with removing malware.
Donate
To help people like you we rely 100% on donations from people like you.
Without donations we cannot keep our service free and provide help to the most vulnerable victims of cyber crime when they need it most. As a not-for-profit organisation, 100% of your donation goes towards keeping The Cyber Helpline up and running - so 100% goes towards helping people like you. Donate now and help us support victims of cyber crime.