The mobile phone is the center of the digital life of millions of people. It contains private conversations, photographs, documents, access credentials, banking applications, social networks, email accounts and tools linked to the professional environment. This enormous amount of sensitive information has also made smartphones and mobile phones themselves a particularly attractive target for cybercriminals.

In Spain, 50.3% of households with a member between 16 and 74 years old depend exclusively on the mobile phone, according to the latest ICT survey by the INE. This data reflects the extent to which the mobile phone has become an essential gateway to personal, professional and financial services.

However, unlike what many users believe, a compromised cell phone does not always show obvious signs. Warning messages, flashy alerts or clear indications that something is wrong with the mobile phone do not usually appear. In many cases, the attacker’s goal is precisely to operate silently on the mobile for as long as possible.

Malicious campaigns targeting mobile phones

In ESET’s latest cyber threat report, presented in January of this year, the company already warned that malicious campaigns targeting mobile devices in Spain show a clear pattern. Adware threats predominate, with some especially intense seasonal peaks, along with the prominent presence of banking Trojans that impersonate financial entities recognizable to Spanish users, as well as spyware designed to monitor the victim’s mobile activity and steal sensitive information.

“Cybercriminals continue to evolve their tactics and adapt them to the daily habits of mobile users,” says Josep Albors, director of research and awareness at ESET Spain. “We have seen it recently with campaigns aimed at Spain that abuse technologies such as NFC, impersonate well-known banking entities and use fake applications to exploit the victim’s trust in their mobile phone in increasingly common processes, such as contactless payments or security verifications.”

Three signs that indicate that the mobile phone has been hacked

Although each attack can behave differently, ESET, a leading cybersecurity company, remembers that there are some especially relevant signs that should be monitored on your mobile phone to detect a possible infection or unauthorized access in time:

1.- The battery runs out faster than usual

If the phone discharges much faster than normal, heats up even when it is at rest, or registers spikes of activity without apparent use, there could be malicious processes running in the background on the phone. This behavior may be related to spy applications, malware that collects information, tools that monitor location or software that constantly sends data from the mobile phone to servers controlled by cybercriminals.

Given this signal, ESET recommends checking which applications consume the most battery on the mobile, checking if there are unknown apps or apps with generic names installed and verifying what permissions they have been granted, especially those related to microphone, camera, location, accessibility or reading notifications.

2.- The phone begins to perform actions on its own

Applications that open or close without user intervention, messages or emails sent that no one recognizes, unsolicited verification codes, unexpected changes in the language, security settings or application permissions may indicate that a third party is trying to access the mobile or associated accounts. It is also worth paying attention to active sessions in services that the user does not recognize, login attempts from unknown locations or changes in banking applications, social networks or email accounts linked to the mobile. In these cases, ESET advises changing passwords immediately, starting with the primary email, closing open sessions on all devices, reviewing recent account activity, and activating two-step authentication whenever it is available on the mobile.

3.- Mobile data consumption increases without explanation

A sudden increase in traffic, activity at times when the user is not using the mobile phone, or applications that consume data without having been opened can indicate that the mobile phone is sending information to external servers or communicating with an attacker. This type of behavior can be linked to the theft of information, remote control of the mobile phone or the execution of processes that require constant connection. In the event of abnormal data consumption on your mobile, ESET recommends reviewing data usage by application, uninstalling any unknown or suspicious app, limiting background activity of applications that do not need it, and running a security scan to detect and eliminate possible threats on your mobile.

It is also advisable to keep the mobile operating system and applications updated, download apps only from official stores, avoid installing APK files of unknown origin and distrust links received by SMS, email, social networks or messaging applications on the mobile, especially if they request personal data, bank credentials or verification codes.

Alex Chen
Alex Chen

Alex Chen serves as the chief editor of Asia Tech Journal, bringing over a decade of experience in technology journalism. Previously writing for several globally renowned publications, Alex is celebrated for his insightful analyses and in-depth reporting on tech trends across Asia. Passionate about innovation, Alex specializes in the dynamic technology ecosystem of China and its global impacts.