How To Secure Your Android Phone From Hackers (and Anyone Else)

Apple launched the modern smartphone era in 2007 with its first iPhone, and it’s hard to remember what life was like before we had these handy gadgets.  The very idea of having a powerful, multifunction computer and personal communications device we could fit in our pockets was straight-up science fiction not too long before that. 

Now, our phones are so central to our lives that misplacing one’s phone is as heart-stopping as misplacing our wallets used to be.  In fact, because we keep so much of our lives on our phones, they’ve become a significant point of vulnerability to hackers and scammers.  While you may not be a high-profile celebrity target, criminals make most of their money from ordinary people like you.  We’ve written before about what to do after you’ve been hacked, but it’s better yet to protect your phone in the first place. 

This is our guide on how to secure your Android phone from hackers.  iPhone users can find their corresponding guide here

Who's Calling Me?

Search any phone number to learn more about the owner!

Context: Google Does a Lot of the Heavy Lifting

It’s important to understand that Android isn’t just a program; it’s an ecosystem.  Google isn’t just responsible for its own code (the Android OS itself is made up of thousands of smaller programs and libraries), but for providing a framework within which app developers and hardware manufacturers can thrive. 

That’s a massive task.  Between the technical difficulties involved, the fact that every outside party has its own procedures, and simple human error, it’s unsurprising that vulnerabilities crop up on a regular basis.  When you add in the privacy implications of legitimate app developers exploiting loopholes in the law, and the potential for outright criminality from hackers and shady developers, the job gets even bigger. 

Google, accordingly, has built in a lot of security measures as part of Android’s framework.  Most of what they do would go right over a layperson’s head, but the introduction to their discussion of Android security for developers will give you the idea.  The TL;DR version is that they do a pretty good job of securing the OS itself and the Play store, as well as vetting the apps that developers submit.  They also provide many security and privacy features, but it’s up to you to learn and use them. 

Android Security Basics

First, let’s look at the most basic, fundamental things you can do to improve the security of your Android phone.  Software patches and updates are how Google and app developers fix newly discovered threats, so that’s a good starting point. 

Applying Your OS Updates 

Android updates may or may not happen automatically, depending on your carrier and your phone’s manufacturer.   You can check manually by tapping Settings, then Security, then “Google Security checkup.”  For updates to the Play system, tap “Google Play system update.” 

Updating Third-Party Apps

Open Google Play, tap your profile and then “My apps & games.”  You can update selected apps individually or tap “Update all.”  If you don’t want to update manually, go to Settings and then General, and choose “Auto-update apps.”

Locking Your Phone

A swipe is better than nothing; a PIN is better than a swipe; and a password is better yet.  Pick one that’s strong but memorable.  Once you protect your phone with a lock screen, by default Android will start encrypting your files for an added level of protection. 

Android Security Tips and Privacy Settings

Once you’ve attended to those basics, there are a handful of more significant steps you can take.  These require a bit more understanding of your phone (and Android) but they’re not especially difficult. 

Reviewing and Fine-Tuning App Permissions

Older versions of Android told you what permissions an app requested, but your only option was to accept or refuse.  Now, you can turn them on and off individually (“Why does a calculator need to see my contacts list?”).  Go to Settings and then Apps, and select an app.  Tap Permissions and then go down the list to turn them on or off selectively.  You can also choose when the app has permissions (all the time, only when it’s being used, etc.). 

Removing Unused Apps 

Only a very small percentage of apps contain actively malicious code, but every app may potentially contain security vulnerabilities.  Periodically reviewing your apps and removing the ones you don’t use cuts down the number of potential access points for criminals. 

Enabling “Find My Device”

Google’s Find My Device service will let you find and lock a lost or stolen phone, and — if necessary — delete all of its data.  To enable it, tap Security and then Find My Device (on some Android versions it may be under Security & Location or Google and then Security).  If the phone you’re protecting is the one you use to receive authentication texts from Google, you can’t use Find My Device unless you also set up an alternative authentication method. 

Enabling Biometric Unlock

Instead of a PIN or password — which can be stolen or guessed — you can set your phone to unlock using facial recognition or its fingerprint reader.  The fingerprint reader is your better option; scammers have “spoofed” facial recognition with photos and most of us post a lot of photos online.  Instructions on setting this up will vary by phone, so check your manual (or the manufacturer’s website) for details. 

Securing the Attached Accounts

Your Android phone is always connected to your Google account and probably to many others as well (Facebook, Amazon, Instagram, TikTok, etc.).  Each of those accounts is a potential vulnerability: If a scammer gets control of it, they could conceivably leverage it to install malware on your device or to sign in to other services (think of how many places let you log in with Facebook!).  Setting up extra security for each of those accounts — like authentication through a code, a third-party app or your fingerprint reader — will help protect your phone as well. 

Install the Spokeo App

A lot of scams come in the form of calls or texts, and unsurprisingly Spokeo is the tool you need to cope with those.  Installing the Spokeo app (you’ll find it on Google Play) gives you the power to screen those incoming calls by finding and displaying the caller’s information, identifying scammers and telemarketers so you don’t need to answer the phone.  It’ll also tell you when your contacts’ information is missing or updated, making it harder for scammers to use your friends’ outdated information to “phish” you successfully.  

How To Secure an Android Phone From Hackers (the Advanced Stuff)

If you want to get really serious about protecting your phone, you can take a few additional steps.  These may require a bit more expertise, but for anyone who’s especially concerned about security, they can be worthwhile. 

Installing Additional Malware Protection

Google’s own Play Protect anti-malware software comes as part of Android and is enabled by default.  If you want additional protection or features that Play Protect doesn’t offer, you can choose and install a separate malware-detection app (there are lots on the Play Store).  These apps can sometimes conflict with Protect and each other, so be prepared for a bit of troubleshooting. 

Using a Privacy-Centric Browser

Websites are a common source of malware and privacy issues.  Anti-malware apps can help with that, but using a browser centered around privacy and security is also a good option.  Some of the better-known names in this category include Firefox, Brave, DuckDuckGo and Tor. 

Using a VPN

Public Wi-Fi is unencrypted, which means scammers hanging out at the local cafe can capture a lot of data from unwary phone use.  One way to beat them is through the use of a virtual private network, or VPN.  We’ve written about this before: A VPN gives you a virtual “tunnel of privacy” across public networks (including the internet). 

You’ll find both free and paid VPN apps on the Play Store, but pick carefully.  Some free VPNs pay the bills by selling user data, which rather defeats the purpose. 

Develop Good Security Habits

Any combination of the tweaks and tools we’ve listed here will go a long way toward securing your Android phone, but software can only take you so far.  Ultimately, the biggest factors in maintaining phone security are you and your own habits. 

We’re not encouraging paranoia, just an attitude of healthy skepticism and security-consciousness as you live your life.  This includes things like: 

  • Not using your banking app or other sensitive apps while you’re on public Wi-Fi.
  • Being physically aware of the people around you, in case anyone’s “shoulder surfing” in the hope of seeing your passwords or personal information.
  • Not leaving your phone lying around, especially in public places. 
  • Being wary of links in potential phishing texts and emails (that’s how Jeff Bezos’ phone was compromised, and he’s a pretty smart guy). 
  • Recognizing that random money requests from friends or family on Venmo, Cash App and similar apps are often scams. 

Just as importantly, leverage your Spokeo membership (whether through our app or website) to protect yourself.  When you receive an email or a text you’re unsure of, use our reverse phone search or email address search tool to verify their legitimacy.  Are things going really fast with that person you swiped right on?  Search their name to find out if they’re really who they say they are or if you’re being catfished

It only takes a moment, but it can save you a world of grief. 


Business Insider – The First iPhone Was Announced 13 Years Ago Today – Here’s How Steve Jobs Introduced It

Avast Blog – The Worst Celebrity Hacks

Android – Secure an Android Device

Google Support – Check & Update Your Android Version

Google Support – Change App Permissions on Your Android Phone

Google Support – Be Ready To Find a Lost Android Device

Google Support – Find, Lock or Erase a Lost Android Device

Google Support – Help Protect Against Harmful Apps With Google Play Protect

Related posts

How to Tell If Someone Blocked You on Facebook

How to Plan a Family Reunion

Finding Your People: How to Make Friends Online