What Should You Do After Falling for a Text Scam?
Have you ever received an innocent-looking text that appears to be for someone else or a message from UPS that your package can’t be delivered until you set your delivery preferences?
These are two of the more common text scams. You may have even fallen for them. It’s OK, it happens to the best of us.
However, you should be very wary of links in unexpected text messages. While many text scams are designed to steal personal information through phishing, some scams can also deliver malware directly onto your device.
Malware can operate quietly in the background, gathering sensitive information or slowing down your phone’s performance.
Signs Your Phone May Be Infected with Malware
Signs your phone may be infected with malware:
- Battery and Performance Issues: Significant battery drain, overheating or sluggish performance — especially when the phone is idle.
- Unusual Data Usage or Unexpected Charges: Sudden spikes in data usage or unexplained charges on your phone bill could indicate background malware activity.
- Intrusive Ads or Unexpected Changes: Pop-up ads, unwanted new apps, unfamiliar toolbar icons or redirects when browsing.
- Unknown Devices or Unauthorized Access: New or unknown devices connected to your accounts, or suspicious permissions granted to apps you don’t recognize.
Describing these signs can start to feel like reading symptoms of any major disease — many of the symptoms could apply even if there’s no malware.
It’s important not to jump to conclusions, but if you’re noticing unusual issues, it’s worth a closer look.
Just like the most insidious diseases, the most sophisticated malware often goes undetected for a very long time, operating quietly in the background while collecting data or weakening your device’s defenses.
If you notice one or more of these issues, don’t panic, but there are some steps you should take to ensure your phone isn’t compromised.
“It’s important to note a factory reset will not always work, as some malware can live deep within your phone’s settings to avoid being deleted with a factory reset.”
Step 1: Change Any Passwords You Gave Away
One of the most common scam tactics attackers use is to redirect you to a fake login screen to steal your credentials. If you think your credentials were stolen, immediately change the password of any accounts you logged into, ideally from a separate, secure device.
Once attackers have your login information, they’ll generally change the password themselves to lock you out.
If the account in question is a business account, notify your organization’s IT team or managed service provider, as they can use their administrative privileges to force logouts and change the password if necessary.
Step 2: Scan Your Phone for Malware
Malicious links can automatically download viruses, malware and other security threats onto your phone without you noticing.
While the standard security features for Apple phones and Google Play Protect for Android phones generally are good enough to protect you, there are free security apps that will dig a layer deeper and detect threats missed by standard security tools.
Microsoft Defender for Apple and Android devices, as well as Malwarebytes for Apple and Android devices, are two of the most popular antivirus apps available for phones.
Run a scan and the applications will remove any threats you downloaded. In fact, you could get in the habit of running a scan each time you download a file or enable weekly scans to ensure your phone is always free of malware.
They aren’t 100% effective — no security app is — but multiple scans with different apps will help clear out unwanted malware.
Step 3: Update Your Operating System and Apps
Malware often targets outdated software. Make sure your operating system and apps are up to date to patch any vulnerabilities the malware may have exploited.
Step 4: Clear Your Browser’s Cache and History
Sometimes malware takes advantage of cached files and saved browsing data. Clear your browser’s cache and delete any stored login information or browsing history to eliminate lingering traces of malware.
Step 5: Perform a Factory Reset
If the previous steps didn’t solve the issue, then performing a factory rest is your last resort.
A factory reset, which can be found in your phone’s settings menu, will delete all data (contacts, photos, files, etc.) on the phone and revert it to the day you purchased the device.
We recommend backing up the important data on your phone before you perform a factory reset.
It’s important to note a factory reset will not always work, as some malware can live deep within your phone’s settings to avoid being deleted with a factory reset.
Interested in Cybersecurity Training?
Text scams are getting more advanced and harder to detect. Contact us if you want to train your employees on how to spot text scams and other phishing attacks. We also can help secure your sensitive data while increasing your organization’s productivity, security and profitability.
Stay updated! Get tips and insights delivered to your inbox weekly by subscribing to our newsletter.