Quite a few things are not mentioned in this article: - Check if new biometrics (additional fingers/faces) are registered - Check if developer options are enabled which you did not do yourself (Android+iPhone) - Check custom VPN configurations and device management profiles (iPhone) - Check custom keyboards (iPhone) - Watch indicators for camera/microphone being active when not using those features - Review location sharing for Google/Apple maps and Find my device - Use safety check (iPhone) - Review Google accounts in the accounts section (Android) And to improve protection: -Disable WiFi/Bluetooth/Hotspot when not in use -Limit app permissions to only what's necessary -Disable NFC/Airdrop -Disable Handoff (iPhone) -Enable USB restricted mode (iPhone) -Enable Lockdown mode (iPhone) -Disable calls on other devices (iPhone) -Use ad blocker -Disable loading of remote content/images in e-mail app -Disallow app installs from unknown sources (Android) -For manually installing APK files on Android, use Appverifier: https://github.com/soupslurpr/AppVerifier -Hardcore: Disable javascript in browser -And of course install OS/app updates and only install from trusted sources -Periodically reboot device Feel free to add things if I missed anything
