Your phone battery dies by noon when it used to last all day. An app you don’t recognize appears in your settings. A friend reports receiving a text from you at 3 a.m. when you were asleep. These aren’t random tech hiccups. It’s possible your smartphone has been tapped for stalking or surveillance.

Unfortunately, mobile-based surveillance continues to rise as smartphones become central to our lives, and the old idea of a tapped phone has gone digital. Modern phone tapping may entail someone installing malicious software on your device and even taking over your accounts.

Safehome, a company that focuses on home and personal safety research, revealed in a 2024 survey that 80% of all stalking victims in the U.S. are tracked using technology, such as spyware, cameras, and GPS tech.

You can protect your device from being monitored. In this guide, we’ll walk you through what modern phone tapping means, how to spot the warning signs, and the immediate steps you can take to secure your calls, texts, and personal data. Whether you’re worried about stalkerware, account takeover, or sophisticated spyware, you’ll learn how to check your phone like a pro and keep it protected going forward.

Key Takeaways

  • Modern phone tapping usually involves spyware apps, account hijacking, or SIM swaps rather than traditional wiretaps.
  • Indicators of phone surveillance include unusual battery drain, unfamiliar and suspicious apps on your device, and unexpected account activity.
  • Built-in detection tools on iOS and Android phones can reveal which apps are secretly accessing your microphone, camera, and location.
  • To prevent phone surveillance, take simple steps such as updating your OS, reviewing app permissions, and using strong authentication.
  • Help is available through mobile security apps and law enforcement resources.

10 Signs Your Phone is Tapped

Detecting surveillance requires observation, not paranoia. Here are the concrete signs worth investigating, organized from easiest to spot to more subtle indicators.

Performance and Behavior Changes

1. Unusual Battery Drain

If your phone’s battery depletes faster than normal, even when you’re not actively using it, it could be spyware constantly sending data to remote servers, which consumes significant power. Check your battery settings to see which apps are using the most energy. If you spot an unfamiliar app near the top of the list, that’s worth investigating.

2. Unexpected Data Usage Spikes

Review your data usage settings to see which apps have consumed the most data over the past month. Spyware transmits your location, messages, call logs, and even audio recordings to someone monitoring you. This creates unusual data consumption, especially from apps you rarely or never use.

3. Random Behaviors

Do you notice apps opening or closing on their own, unexplained restarts, or your idle phone heating up? These may indicate malicious software running in the background. If your phone seems busy when you haven’t touched it, dig deeper.

Mobile security experts recommend establishing a baseline for your phone’s normal behavior. If you notice multiple performance changes at once, that’s more significant than a single issue appearing gradually over time.

Suspicious Apps and Permissions

4. Hidden or Unfamiliar Apps

On your app list, look for generic names such as System Service, Device Health, or names using random letters and numbers. Stalkerware apps often disguise themselves with boring, system-sounding names, hoping you’ll overlook them. If you spot something unfamiliar, research it online before deleting. Some legitimate system processes have odd names, but any consumer app should be clearly identifiable.

5. Permission Overreach

Many spyware tools request extensive permissions that have nothing to do with their stated purpose. Check your phone’s privacy and pay special attention to apps with access to your camera, microphone, SMS messages, and location. That access should align with what the app does. A video calling app needs camera access; a weather app doesn’t.

6. Root or Jailbreak Status

If you didn’t deliberately root your Android phone or jailbreak your iPhone, but discover it’s been modified, someone with physical access probably did it to install spyware. Check for jailbreak on your iPhone using apps from the App Store. On Android, apps like Root Checker reveal if your phone has been rooted.

Unexplained Account or Network Events

Phone surveillance often goes with account compromise. Watch for these warning signs beyond your device itself.

7. Unexpected Two-Factor Authentication Prompts

If you receive a 2FA code you didn’t request, someone may have obtained your password and is trying to get past your second layer of security. Change your password immediately and review your account’s recent activity.

8. Password Reset Emails

Attackers often try to reset passwords after gaining access to a phone, hoping to lock you out of your own accounts. If you receive legitimate-looking password reset requests from multiple services around the same time, your phone or email account may be compromised.

9. SMS Messages about SIM Changes 

SMS messages about SIM changes or new devices from your mobile carrier deserve immediate attention. These might indicate a SIM swap in progress, where someone is trying to hijack your phone number. Contact your carrier immediately through their official channels if you receive these alerts.

10. Strange Messages Sent From Your Accounts

If your contacts mention receiving odd texts, emails, or social media messages from you that you didn’t write, investigate immediately. This could indicate that spyware has taken over and is using your accounts.

How to Check If Your Phone Is Tapped?

Now that you know the warning signs of a compromised phone, it’s time to actively investigate. Follow these steps in order, starting with the quickest checks and progressing to more thorough investigation methods.

1. Check Call Forwarding Status

Check call forwarding status by using your carrier’s legitimate codes listed on their official support pages. On many networks, dialing ##002# and pressing call will clear all call forwarding, call waiting, and conditional forwarding. Dial *#21# to check the current status. You may also log in to your carrier account through your provider’s official website or app to review your phone settings. If you see active forwards to unknown numbers, deactivate them immediately.

2. Verify Your SIM and Active Devices

While logged into your carrier account, check which devices are currently active on your line. If you see an unknown device or a SIM activation you didn’t authorize, that’s evidence of a SIM swap attempt. Report it immediately.

3. Set or Update Your Carrier Account PIN

Mobile carriers usually require you to set a PIN, passcode, or other authentication methods before making account changes, especially SIM swaps. Call your carrier or use their online account tools to add this layer of protection if you haven’t already.

4. Use Built-in Privacy Indicators and Logs on Your Phone

Your phone already has built-in surveillance detection tools. You just need to know where to look and how to interpret what you find.

On iPhone:

  1. Check for the privacy indicators. Since iOS 14, a green dot appears in the status bar when an app is using your camera, and an orange dot appears for the microphone. If you see these indicators when you’re not actively using the matching app, swipe down to Control Center immediately to check. 
  2. Enable App Privacy Report. Go to Settings > Privacy & Security and enable App Privacy Report to collect data for a few days. This report will show exactly which apps accessed your camera, microphone, photos, and other sensitive data, how often, and which network domains they contacted.

On Android:

  1. Check the Privacy Dashboard. Go to Settings > Privacy > Privacy Dashboard to see which apps accessed your camera, microphone, and location over the past 24 hours. Android has indicators on the status bar when your camera or microphone is active. 
  2. Review app permissions. Go to Settings > Privacy > Permission Manager to review apps and revoke permissions if they don’t have a clear, legitimate reason to use these features.

5. Scan for Spyware and Malware

Reputable mobile security software, such as McAfee, can detect stalkerware and identify suspicious network connections that may indicate spyware activity. These apps also monitor for outdated software or risky Wi-Fi connections, which enable surveillance, alert you when new apps are installed, warn you before you visit phishing sites, and monitor if your personal information appeared in data breaches that might lead to account compromise.

Understand the Limitations of Security Apps

Consumer security apps may not catch highly advanced state-sponsored spyware, which uses zero-day exploits and evasion techniques. If you’re in a high-risk category, such as journalists, activists, public officials, or someone with reason to believe you’re targeted by persistent threats, consumer tools may be insufficient.

What to Do if Your Phone is Tapped?

Some situations require expertise and resources beyond DIY troubleshooting. Recognize scenarios that need escalation and know where to turn for help.

Intimate Partner Surveillance

Stalkerware is frequently used in domestic abuse situations, and abusers may escalate if they discover you’re seeking help or removing their monitoring access. In the U.S., organizations like the National Domestic Violence Hotline (1-800-799-7233) and the Coalition Against Stalkerware provide resources for digital safety in abusive relationships.

Many countries have similar resources, and can help you develop a safety plan to handle a monitored phone, remove spyware without alerting your abuser, and to preserve evidence for law enforcement and legal action. They can also connect you with local resources and legal advocates who understand digital surveillance in abuse cases.

Report Cybercrime and Fraud

If you’ve experienced financial loss, identity theft, or other crimes involving your compromised phone, you have reporting options. In the U.S., file a report with the FBI’s Internet Crime Complaint Center and the Federal Trade Commission.

Other countries have similar cybercrime reporting mechanisms through their national police forces or consumer protection agencies. Your report contributes to larger efforts that can lead to enforcement actions and help other victims. 

Document everything. If you discover surveillance on your phone, take screenshots, save log files, and record the names and details of suspicious apps before removing them. This evidence can be highly useful for law enforcement investigations, protective orders, or civil litigation.

Privacy Violations and Data Breaches

If a stalkerware company has collected your data illegally, you may have rights under privacy laws in your jurisdiction. The FTC’s enforcement actions require companies to notify victims in the U.S., and you may be able to pursue civil remedies. European residents have strong protections under the General Data Protection Regulation.

High-risk Individuals Facing Sophisticated Threats

Organizations like Amnesty International‘s Security Lab and Access Now‘s Digital Security Helpline provide pro bono assistance to journalists, activists, and human rights defenders who may be targeted by spyware. These experts use specialized forensic tools and techniques to detect advanced spyware.

Best Practices to Prevent Phone Tapping

In addition to the tips we shared above, these practices form a solid defense against most phone surveillance threats in 2026.

Core Mobile Security Hygiene

  • Keep your operating system and apps updated: This single practice prevents more compromises than any other measure, so be sure to update when Apple and Google release patches that close those security holes. Delaying could leave your phone vulnerable to known exploits.
  • Install apps only from official stores: Third-party app stores and direct Android Package Kit downloads are common distribution methods for spyware and malware. On Android, verify that Settings > Security shows “Install unknown apps” is blocked for all sources except the Play Store. On iPhone, you can only install apps from the App Store unless you jailbreak your device, which you should never do.
  • Disable sideloading and avoid rooting or jailbreaking: Most stalkerware requires elevated system privileges to hide effectively and access protected data. Jailbreaking an iPhone or rooting an Android device removes these protections. Unless you have a legitimate reason to modify your phone’s OS, keep it in its factory configuration.

Strengthening Accounts and Communications

  • Use unique, strong passwords for every account. When your phone is monitored, attackers can see the passwords you type or access accounts you’re logged into. To limit the damage, use strong, unique passwords generated by a reputable password manager. This tool protects your credentials with encryption and alerts you if your passwords appear in known data breaches.
  • Implement app- or hardware-based multi-factor authentication: Because SIM swapping can intercept SMS-based two-factor authentication codes, it is better to use authenticator apps such as Google Authenticator, Microsoft Authenticator, or Authy, which generate codes on your device that can’t be intercepted over the network. Even better, use hardware security keys for your most critical accounts for stronger protection against phishing and account takeover.
  • Use end-to-end encrypted messaging apps: Signal, WhatsApp, and iMessage provide end-to-end encryption, which scrambles your messages from the moment you send them until the recipient decrypts them on their device. Even if someone intercepts the data in transit or compromises the messaging service’s servers, they can’t read the content.

Types of Threats from Phone Tapping

When we talk about phone tapping today, we’re describing four distinct threats. 

Carrier-Level Lawful Intercept 

If you’re under criminal investigation, telecommunications companies will cooperate with law enforcement to monitor your calls and texts. In most countries, including the United States and European nations, this requires a court-issued warrant and follows strict legal procedures and judicial oversight. If you haven’t done anything illegal, you shouldn’t have to worry about this.

Spyware and Stalkerware Apps 

These are applications secretly installed on your device, often by someone with physical access to your phone, to record your calls, read texts, track your GPS location, turn on your microphone, and access your photos.

The Federal Trade Commission (FTC) has banned companies such as SpyFone from selling these tools, which are frequently used in stalking and domestic abuse situations. Research labs now test dozens of stalkerware apps annually, finding that many hide behind legitimate uses, including family safety or parental control apps.

Advanced Commercial Spyware 

Tools such as the NSO Group’s Pegasus represent high-end phone surveillance and can compromise devices through zero-click exploits. These tools have been used to target journalists, activists, and political figures globally. The U.S. government has restricted federal agencies from using them. While this level of surveillance rarely affects average consumers, it’s important to know it exists.

SIM Swap and Account Takeover 

In SIM swap and account takeover, attackers hijack your phone number by deceiving your mobile carrier into transferring it to a SIM card they control. Once they have your number, they can intercept two-factor authentication codes, reset passwords, and access your accounts.

In 2024, SIM swapping contributed almost $26 million in consumer losses, with victims often losing access to cryptocurrency wallets and financial accounts. Similar attacks have been documented across Europe, Asia, and other regions.

Final Thoughts

Traditional phone tapping has evolved to modern surveillance that involves spyware and stalkerware apps, account hijacking, or SIM swaps. You also know the warning signs to watch for, from battery drain to suspicious account activity. You’ve learned what tools are built into your phone to detect unauthorized access. And you have a clear checklist of steps to investigate and secure your device today.

Most importantly, you know that you are not powerless. The same technology that enables unlawful surveillance also provides strong defenses when you use it intentionally. Regular updates, careful permission management, strong authentication, and security software such as McAfee Mobile Security create layers of protection that stop opportunistic surveillance before it starts.

If you do find evidence that your phone is tapped, remember that help is available. From domestic violence hotlines to law enforcement cybercrime units and forensic security specialists, you have clear pathways to address the situation and protect yourself going forward.