Affiliate links on Android Authority may earn us a commission. Learn more.
How to scan an Android phone for malware
Some people will tell you Android phones are immune from viruses and malware, but this is far from the truth. In 2022, Bleeping Computer reported on a new batch of Android malware apps spotted on the Google Play Store. If you’re worried, today we will show you how to scan an Android phone for malware.
QUICK ANSWER
To scan an Android phone for viruses and malware, download a reputable anti-malware app from the Google Play Store and have it scan your phone for suspicious code. After the scan, go over your apps list and delete any app you do not remember installing.
JUMP TO KEY SECTIONS
Editor’s note: We formulated these instructions using a Google Pixel 7 running Android 14. Some steps and menus may differ depending on your hardware and software.
Can Android phones get viruses or malware?
A virus is a particular kind of malware that behaves in a specific way. It duplicates itself inside the operating system or app code, the same way a biological virus inserts its genetic code into human cells. While Android phones don’t usually contract this particular kind of security threat, there are other forms of malware (the larger category that contains viruses and other malicious code) that can achieve the same goals as those of the makers of a virus: to get at your information, damage your phone, or hold it for ransom.
Android phones usually acquire malware via the phone’s owner being tricked into downloading it. It could come in a downloaded app, an attachment from an email or SMS text, or downloaded content from a website. It could even come from another phone if you connect the two together.
If your phone has slowed to a crawl, is burning through its battery very quickly, or is restarting repeatedly, it could be due to malware. If the same app starts crashing frequently, if you see ads popping up in apps that don’t normally have ads, if your phone suddenly starts overheating, or if you see an app on your phone that you don’t remember installing, it is likely you have an unwanted guest in your phone. So what should you do?
How to check for viruses or malware on Android
Using a third-party anti-virus app
The first thing you need to do is scan your Android phone for malware. There are a host of anti-malware apps for Android OS. Most offer a free version with basic functionality and charge for the deluxe version.
The majority of Android owners will do just fine with a free version. These apps are very easy to operate, with most featuring a large Scan button when you open the app. Of the apps listed in our article linked above, Bitdefender Antivirus is an excellent choice. It is lightweight and delivers decent functionality in its free incarnation.
Scan your phone for malware using Bitdefender Antivirus:
- Download and install the app, then launch it.
- Tap on the Scan device button.
- Allow any required permissions.
- When the app finishes scanning, it will display the results.
- We got a clean bill of health on this scan. If Bitdefender finds malware, it will delete it automatically. If this is not possible, it will give you the choice to disinfect the offending file, delete it, or move it to quarantine.
Most anti-malware apps work in a similar fashion. Here’s our list of the best antivirus apps, if you want to check out other alternatives.
Using Google Play Protect
Of course, you can also use Google Play Protect. This is the search giant’s official tool for keeping your device safe at all times. It will scan all apps and make sure your device is safe. Again, it has had its faults. Ideally, you want to use Play Protect in tandem with a good third-party option. Better be safe than sorry!
How to scan your apps using Google Play Protect:
- Launch the Settings app.
- Go into Security & privacy.
- Tap on App security.
- Hit Google Play Protect.
- Select Scan.
- When done, the feature will let you know if there are any dangerous apps on your phone.
Remove any non-Play Store apps
Now you have determined that your phone is not currently infected, you need to consider the possibility that there is a corrupt app on your phone that simply hasn’t made its move yet. If there is an app on your phone you did not download from the Google Play Store, it’s likely to be suspicious because apps are usually unavailable in the Google Play Store for a reason.
Sometimes, it’s because an app performs a function that violates a company’s terms of service. Other times, it’s because the makers or distributors of the app want to put spyware or other malware in their app. They know Google will not allow that. Although infected apps sometimes appear in the Google Play Store, Google regularly scans its stock to remove malware. If you want to ensure your device is secure, you should delete all apps from your phone or tablet that you did not download from the Google Play Store.
Here’s our guide to deleting Android apps, if you don’t know how to do this.
What about the future?
Keeping your Android device free from malware going forward is a matter of vigilance. Here are some steps you can take to make sure no malicious code finds a beachhead in your phone:
- Continue to take all the normal security steps you probably already make a habit of, including never clicking on links in emails or text messages unless you are 100% sure they are safe and locking your phone with a PIN when you will not be using it for a while.
- You can employ an antivirus app on your device. For real-time protection, consider a monthly subscription. That said, antivirus software on a PC is pretty much a necessity. With Android, if you follow basic security practices like not opening suspicious messages and emails, avoiding third-party apps outside of the Play Store, and other similar precautions, you might find that antivirus software is unnecessary for all users.
- Google Play Protect is a feature of the Google Play Store that can scan the Play Store apps you have on your phone or tablet and compare them to the versions in the store. Any app that has been altered on your device will be flagged. If you use only Play Store apps and scan with Play Protect regularly, it will be difficult for anyone to corrupt your device.
- Every update to the Android system has included security fixes and solutions for known vulnerabilities in the previous version. The longer an Android version is available to the public, the greater the chance that someone can exploit these vulnerabilities as more and more hackers find out about them. In between version updates, there are also smaller Android security updates. You should install these as soon as they are offered.
- Turn off password saving. It makes a hacker’s job much easier when your passwords are stored on the very device they are trying to invade.
- If you notice performance issues with your phone, it may be caused by somebody spying on your smartphone or tracking you. Here’s how to tell if that’s what’s up and what you can do about it.
FAQs
All viruses are malware, but not all malware is a virus. A virus is one kind of malware that spreads by copying itself into your phone’s operating system or app code. Malware could be a virus, or it could be ransomware, or adware, or a worm. Viruses are a subset of all malware.
Android does. There are more Android phones in the world than iPhones, so they are a more attractive target for malware makers. There are also more opportunities to infect an Android device because you can easily download Android apps from places other than the Google Play Store. This gives bad actors a way around Google Play Protect and into your device. The only way to download an app to an iPhone that is not from the Apple Store, with its vaunted security procedures, is to jailbreak the phone. iPhones are still not completely safe, though.
No. It is very difficult to corrupt an Android phone to the point where you would have to discard it. If your phone is extremely infected, you can always revert it to its factory state and start from scratch. We have a guide on how to factory reset Android devices here.
Clicking on links in text messages can take you to malicious websites. And hackers can even use Bluetooth to push virus-infected files that an unsuspecting person might open.