What is ‘Ghost Tapping’? The New Scam That’s Hijacking Phones
Author: Adam Collins
Just when you thought you’d seen every trick in the scammer’s playbook—along comes something new, spooky, and high-tech. It’s called ghost tapping, and it’s quickly becoming one of the most unsettling digital scams out there.
Why “ghost”? Because your phone seems possessed. Buttons get pressed, apps open, money moves—yet you didn’t touch a thing.
In a nutshell: Ghost tapping is a new scam where fraudsters secretly control your phone through hidden malware. It lets them make taps, authorize payments, or access your private data without you touching your screen. It usually starts when you click a fake link or install a dodgy app. Protect yourself by avoiding unknown links, using official app stores, and keeping your phone’s software up to date.
What Exactly is Ghost Tapping?
Ghost tapping refers to a type of digital attack where your phone registers “phantom” touches—meaning actions happen on your screen without you physically touching it. Technically, this control is often achieved using a Remote Access Trojan (RAT) or by abusing accessibility services built into mobile operating systems.
This isn’t some glitch or screen defect. In many cases, it’s malware, planted by scammers to gain control of your device. Once inside, they can do almost anything you can do:
- Approve bank transactions
- Change passwords
- Open apps
- Grant permissions
- Even access your messages and contacts
It’s called “ghost tapping” because the taps look invisible—almost like a ghost is operating your phone. Creepy, right?
How Does it Start?
Most ghost tapping scams begin the same way: with a fake link or malicious app.
You might receive a text, email, or social media message saying something like:
- “Your parcel is waiting for delivery. Click to track.”
- “Your account needs verification. Log in now.”
- “Download this app for faster access.”
The link looks legit—maybe even branded with your bank or a known company—but once you click it, it installs hidden software that gives scammers remote access to your screen.
Sometimes, it’s not even instant. The malware might wait days before activating, making it harder to trace where it came from.
What Happens When Your Phone is Ghost-Tapped?
Once scammers have control, the chaos begins. They can approve online payments, extract data, or manipulate apps while you’re none the wiser. Some victims have even watched in real time as their screens moved on their own—icons flicking, screens scrolling, and money disappearing.
For many, the first sign of ghost tapping is unusual activity—bank alerts, apps opening by themselves, or phone performance suddenly slowing down.
How to Protect Yourself from Ghost Tapping
To keep your digital life secure, follow these five essential steps to prevent malware from hijacking your phone:
1. Stick to Official App Stores (Avoid Side-Loading)
Always download applications exclusively from the Google Play Store (for Android) or the Apple App Store (for iOS). Third-party app sites are hotbeds for fake, infected software and are the primary source for installing hidden malware. Even if an app looks legitimate, never install software from an unknown browser link.
2. Practice Hyper-Vigilance with Phishing Links
Think before you click. If you receive a text, email, or social media message that sounds urgent, emotional, or offers something "too good to be true," stop and think. That sense of panic or rush is exactly what scammers want. Manually type the company’s website into your browser instead of clicking the link provided.
3. Keep Your Operating System and Apps Updated
Software updates aren't just for new features; they are critical security patches. Updates patch security loopholes and zero-day vulnerabilities that hackers are quick to exploit with new malware. Make sure your phone's operating system (iOS or Android) and all your apps are configured to update automatically.
4. Enable Two-Factor Authentication (2FA) Everywhere
Two-factor authentication (2FA) is your last line of defense. Even if scammers manage to gain access to a password, 2FA will prevent them from completing logins or high-value transactions without the second code, which they usually cannot access. Enable it on banking, email, and social media accounts.
5. Install a Reputable Mobile Security App
A good, trusted mobile security tool can run in the background, constantly monitoring for suspicious activity. It can detect and block malware, including Remote Access Trojans, before they wreak havoc and give scammers control over your screen.
FAQs
Q: Is ghost tapping caused by a broken screen?
Sometimes, physical screen damage can cause random touches—but ghost tapping scams are different. They’re caused by malicious software, not hardware issues.
Q: Can scammers really move my phone screen remotely?
Yes. If malware is installed, scammers can simulate touches, open apps, and authorize actions—all without you knowing.
Q: How do I know if I’ve been infected?
Watch for strange behavior—apps opening on their own, new permissions, or transactions you didn’t approve. Run a malware scan immediately.
Q: What should I do if I suspect ghost tapping?
Disconnect from Wi-Fi and mobile data right away. Back up your data, then run a full device reset or take your phone to a trusted technician.
Scams are no longer just about fake texts or emails—they’re invading your screen itself. Stay alert, think before you tap, and remember: your best defense is awareness.
Before you click or install anything suspicious, run a quick check with the ScamAdviser App. It only takes seconds and could save you a fortune.
Report a Scam!
Have you fallen for a hoax, bought a fake product? Report the site and warn others!
Scam Categories
Help & Info
Top Safety Picks
Your Go-To Tools for Online SafetyDisclaimer: Some of the links here are affiliate links. If you click them and make a purchase, we may earn a commission at no extra cost to you.
- ScamAdviser App - iOS : Your personal scam detector, on the go! Check website safety, report scams, and get instant alerts. Available on iOS
- ScamAdviser App - Android : Your personal scam detector, on the go! Check website safety, report scams, and get instant alerts. Available on Android.
- NordVPN : NordVPN keeps your connection private and secure whether you are at home, traveling, or streaming from another country. It protects your data, blocks unwanted ads and trackers, and helps you access your paid subscriptions anywhere. Try it Today!
- Incogni : Incogni automatically removes your personal data from data brokers that trade in personal information online, helping reduce scam and identity theft risks without the hassle of manual opt-outs. Reclaim your privacy now!
Popular Stories
In a nutshell: A good VPN protects your privacy with strong encryption, a strict no-logs policy, and fast protocols like WireGuard. The best VPNs also offer wide server coverage, leak protection, and easy-to-use apps for all devices. For 2025, the top providers are NordVPN, ExpressVPN, Surfshark, Proton VPN, Private Internet Access, CyberGhost, and Mullvad—each excelling in speed, security, or value. In an age where every click is tracked, a Virtual Private Network (VPN) is no longer just a luxury—it's an essential tool for digital privacy and security. A VPN works by creating a secure, encrypted tunnel between your device and the internet, masking your real IP address and protecting your sensitive data from prying eyes. But with hundreds of providers out there, how do you sort the secure from the suspect? This guide breaks down the non-negotiable features of a quality VPN and highlights the 7 top-rated services for 2025. What to Look for in a Good VPN: The 4 Non-Negotiable Pillars 1. Ironclad Security Features Strong Encryption: AES-256, the gold standard. Secure Protocols: OpenVPN, WireGuard, NordLynx, Lightway. Avoid PPTP. Kill Switch: Ensures no accidental IP leaks. Leak Protection: Covers DNS, IPv6, and WebRTC. 2. Verified Privacy Practices No-Logs Policy: No activity or metadata tracking. Independent Audits: Verification by third parties. Safe Jurisdiction: Prefer countries outside the 5/9/14 Eyes alliances. 3. High-Speed Performance Fast Protocols: WireGuard and equivalents. Large Server Network: Less crowding, more reliable speeds. 4. Essential Usability Features Multi-Device Apps: Windows, Mac, iOS, Android, routers. Simultaneous Connections: One account, many devices. Unblocking Power: Netflix, Hulu, BBC
How to Protect Yourself and Your Family After a Data Breach When Your Data Falls Into the Wrong Hands Just received that terrifying notification? Or perhaps you've noticed suspicious activity in your accounts? Take a deep breath. A data breach, the unauthorized access or exposure of sensitive, protected, or confidential data, is a deeply unsettling event. It can plunge you into a world of worry, bringing risks from financial losses and identity theft to significant emotional distress and reputational damage. The numbers don't lie: according to a 2024 report, the number of data breach victim notices has grown by a staggering 211% year-over-year. This isn't just a distant threat; it's a stark reality many individuals face. This year alone, we've seen major organizations like Adidas and Qantas grapple with high-profile data breaches, affecting countless customers. This underscores a critical truth: nobody is untouchable. Subsequently, strategic action is the only way to minimize the risk and protect your future. This guide is your emergency action plan, designed to walk you through every crucial step—from confirming the breach to fortifying your digital life for the long term. Part 1: Confirming the Breach and Understanding the Damage The very first step is to answer the question definitively: Was my data compromised, and if so, how badly? Start with the basics: Check Official NotificationsReputable companies are legally obligated to inform you if your data was part of a breach. Look for official emails, letters, or public announcements. Check Verified Breach DatabasesPlatforms like HaveIBeenPwned help you see if