Factory Reset Your Android Device Safely | AIMF Security

πŸ”„ Factory Reset & Recovery

Nuclear Option for Persistent Threats

Safely factory reset your Android device to remove persistent spyware and malware. Backup your data, collect evidence, and start fresh with a clean device.

⏱️ 45 minutes 🟑 Intermediate ⚠️ Destructive

Why This Matters

A factory reset is the nuclear optionβ€”it erases everything on your device and returns it to factory settings. This is the most reliable way to remove persistent spyware, malware, and any other compromise that can't be removed through normal means.

When to factory reset:

  • Confirmed spyware: You've found stalkerware or surveillance apps
  • Persistent malware: Malware that keeps coming back after removal
  • Device compromise: You suspect your device has been hacked
  • Selling/giving away device: Ensure your data is completely erased
  • Fresh start: Clean slate after a security incident

⚠️ Critical Warning

Factory reset will erase EVERYTHING:

  • All apps and app data
  • Photos, videos, and files
  • Contacts (if not synced to Google)
  • Text messages
  • Settings and configurations

There is NO undo. Backup everything important before proceeding.

Before You Reset: Evidence Collection

πŸ“Έ Document First, Reset Later

If you need evidence for legal proceedings or to understand what happened, collect it BEFORE resetting:

1. Screenshot Suspicious Apps

  • Go to Settings β†’ Apps β†’ See all apps
  • Screenshot each suspicious app
  • Note app names, permissions, install dates
  • Screenshot device admin apps
  • Screenshot accessibility services

2. Export PCAPdroid Logs

  • Open PCAPdroid
  • Export connection logs showing suspicious network activity
  • Save to Google Drive or email to yourself

3. Document Behavioral Evidence

  • Write down dates and times of suspicious behavior
  • Note what the person who installed spyware knew that they shouldn't
  • Document any threats or controlling behavior

4. Contact Support Organizations

Before resetting, consider contacting:

  • Coalition Against Stalkerware: stopstalkerware.org
  • Access Now Digital Security Helpline: [email protected]
  • National Domestic Violence Hotline: 1-800-799-7233

Step 1: Backup Your Data

1

Backup Photos & Videos

Use Google Photos to backup all photos and videos:

  1. Open Google Photos app
  2. Tap your profile icon β†’ Photos settings
  3. Tap "Back up & sync" β†’ Turn ON
  4. Wait for backup to complete (check under "Free up space")
2

Backup Contacts

Ensure contacts are synced to Google:

  1. Go to Settings β†’ Accounts β†’ Google
  2. Tap your Google account
  3. Enable "Contacts" sync
  4. Tap "Sync now"
3

Export Important Files

Save important documents, downloads, and files:

  • Use Google Drive to upload files
  • Email important documents to yourself
  • Transfer files to a computer via USB

⚠️ If Cloud Backup Fails (Device Compromised)

If your device is so compromised that cloud backups won't work, you have alternatives:

Option 1: Use Dual-SIM Defense First

Stabilize the device by blocking cellular attacks (see Guide #3: Dual-SIM Defense):

  1. Insert an inactive physical SIM card to force non-attach cellular state
  2. This often restores USB data transfer functionality
  3. Then proceed with USB backup (Option 2 below)

Option 2: Manual USB Transfer

If cloud backup is blocked, transfer files manually via USB:

  1. Get a USB-C hub/dock adapter (if needed for your computer)
  2. Connect phone to computer via USB cable
  3. On phone: Swipe down β†’ Tap USB notification β†’ Select "File Transfer" or "MTP"
  4. On computer: Open file explorer β†’ Navigate to phone storage
  5. Copy these folders:
    • DCIM (photos/videos)
    • Downloads
    • Documents
    • WhatsApp/Signal folders (if applicable)
  6. Optional: Use external drive with USB-C adapter to transfer directly from phone to drive

πŸ›’ Recommended USB-C Adapters & Storage

For manual USB backup, you'll need:

USB-C Hub (7-in-1): Anker USB-C Hub - $40

Multiple ports for connecting phone to computer. Reliable brand.

Simple Adapter: Anker USB-C to USB-A Adapter - $8

Basic adapter for USB-C phone to USB-A computer.

External Storage: SanDisk Dual Drive USB-C (128GB) - $20

Transfer files directly from phone to portable drive.

πŸ’° Affiliate links - small commission at no extra cost to you.

Option 3: Manual Documentation

If all electronic methods fail, manually write down critical information:

  • Important phone numbers and contacts
  • Account usernames and recovery emails
  • Important dates and information
  • Take photos of the screen with another device

πŸ’‘ Pro Tip: Try Dual-SIM defense (Option 1) firstβ€”it often restores USB access that was previously blocked by malware.

4

Export Signal Messages (If Using Signal)

Signal messages are NOT backed up to the cloud:

  1. Open Signal β†’ Settings β†’ Chats
  2. Tap "Chat backups" β†’ "Create backup"
  3. Save the backup file to Google Drive or computer

βœ… Backup Checklist

Before proceeding, verify you've backed up:

  • ☐ Photos and videos (Google Photos)
  • ☐ Contacts (Google sync)
  • ☐ Important files (Google Drive)
  • ☐ Signal messages (if applicable)
  • ☐ Authenticator app codes (write down backup codes)

CRITICAL: Secure Your Account & Phone Number First

🚨 DO NOT SKIP THIS STEP

Before factory resetting, you MUST secure your Google account and phone number, or you could lose access to everything.

1

Sign Into Google Account on Another Device

Critical: Make sure your Google account is signed in on at least one other device (computer, tablet, old phone) BEFORE resetting.

  1. On a computer or other device, go to gmail.com or google.com
  2. Sign in with your Google account
  3. Verify you can access your account
  4. Keep this device signed in until after the reset is complete

βœ“ This ensures you won't be locked out if something goes wrong during reset

2

Set Up Passkey Authentication (Highly Recommended)

Passkeys are the most secure way to recover your account after a reset:

  1. On your computer, go to myaccount.google.com/security
  2. Scroll to "How you sign in to Google"
  3. Click "Passkeys" β†’ "Create a passkey"
  4. Follow prompts to save passkey to your computer or security key
  5. Test it: Sign out and sign back in using the passkey

πŸ’‘ Why Passkeys?

Passkeys are stored on your other device (computer, Yubikey) and can't be stolen via SIM swap or phishing. After reset, you can sign back in using your passkey instead of SMS codes.

3

Enable SIM Swap Protection with Your Carrier

Critical for preventing account takeover: Contact your carrier to enable SIM swap protection BEFORE resetting.

Option A: Transferring Number to New Phone First (Safest)

If you have another Android device available:

  1. Transfer your phone number to the new/old Android device first
  2. Set up Google account on the new device
  3. Verify everything works on new device
  4. THEN factory reset the compromised phone
  5. This ensures continuous access to your number and account

Option B: Resetting Same Phone (Requires Carrier Protection)

If you're resetting the same phone and keeping the same number:

  1. Call your carrier (Verizon, AT&T, T-Mobile, etc.)
  2. Ask: "I need to factory reset my phone. What's the safest way to protect against SIM swap attacks during this process?"
  3. Request they enable Port-Out Protection or Number Lock
  4. Ask them to add a PIN/passcode requirement for any SIM changes
  5. Verify the protection is active before proceeding

⚠️ Carrier-Specific SIM Swap Protection

Verizon: Number Lock feature - prevents number transfer without PIN

AT&T: Extra Security feature - requires passcode for account changes

T-Mobile: Account Takeover Protection - blocks SIM swaps without verification

Important: Call and verify these protections are enabled. Don't assume they're on by default.

4

Set Up Off-Device Recovery Options

Add recovery methods that don't depend on your phone:

  1. Go to myaccount.google.com/security
  2. Under "Ways we can verify it's you":
  3. Add a recovery email (use a different email provider, not Gmail)
  4. Add a recovery phone number (ideally a landline or trusted person's number)
  5. Download backup codes and save them somewhere safe (not on the phone you're resetting)

πŸ”’ Security Checklist Before Reset

Verify ALL of these before proceeding with factory reset:

  • ☐ Google account signed in on another device (computer/tablet)
  • ☐ Passkey created and tested on another device
  • ☐ SIM swap protection enabled with carrier OR number transferred to new phone
  • ☐ Recovery email added (non-Gmail)
  • ☐ Backup codes downloaded and saved securely
  • ☐ Carrier contacted if resetting same phone with same number

⚠️ If you skip these steps, you risk being permanently locked out of your Google account and phone number.

Step 2: Perform Factory Reset

1

Remove Google Account (Optional but Recommended)

For maximum security, remove your Google account before resetting:

  1. Go to Settings β†’ Accounts β†’ Google
  2. Tap your Google account
  3. Tap "Remove account"

Why: Prevents Factory Reset Protection (FRP) lock issues and ensures a truly clean reset.

2

Navigate to Reset Options

Go to Settings β†’ System β†’ Reset options (or Settings β†’ General management β†’ Reset depending on device).

3

Select "Factory data reset"

Tap "Erase all data (factory reset)" or "Factory data reset".

You'll see a warning listing everything that will be erased. Review it carefully.

4

Confirm Reset

Tap "Reset phone" or "Erase everything". You may need to enter your PIN or password.

The device will restart and begin the reset process. This takes 5-15 minutes.

⚠️ Do Not Interrupt

Do NOT turn off the device or remove the battery during the reset process. Let it complete fully.

5

Wait for Reset to Complete

Your device will:

  1. Show "Erasing..." or similar message
  2. Restart multiple times
  3. Eventually show the "Welcome" setup screen

When you see the setup screen, the reset is complete.

Step 3: Set Up Your Clean Device

πŸ” Security-First Setup

  1. Skip WiFi initially: Set up offline first
  2. Set a NEW strong PIN: Don't reuse your old PIN
  3. Don't restore from backup: Backup may contain spyware
  4. Sign in to Google: Use a NEW password (change it first on another device)
  5. Enable 2FA: Use hardware keys or authenticator apps

πŸ“± Reinstall Apps Manually

Do NOT use "Restore apps" from backup. Install apps manually one by one:

  • Only install apps you actually use
  • Review permissions before granting them
  • Skip any apps you don't recognize

πŸ›‘οΈ Harden Security Immediately

  1. Disable 2G: Guide #1
  2. Install PCAPdroid: Guide #2
  3. Install NetGuard: Guide #3
  4. Audit permissions: Guide #4
  5. Harden privacy settings: Guide #5

After Reset: Staying Safe

πŸ”’ Physical Security

  • Never share your PIN: Not with anyone, ever
  • Don't leave phone unattended: Even for a minute
  • Enable biometric lock: Fingerprint or face unlock
  • Use "Power button instantly locks": Settings β†’ Security

🚨 Watch for Reinfection

If someone had physical access to install spyware once, they may try again:

  • Monitor battery usage for suspicious apps
  • Check installed apps regularly
  • Use PCAPdroid to monitor network activity
  • Trust your instinctsβ€”if something feels off, investigate

πŸ†˜ Get Support

If you're in an abusive relationship:

  • National Domestic Violence Hotline: 1-800-799-7233
  • Coalition Against Stalkerware: stopstalkerware.org
  • Local domestic violence organizations: Can provide safety planning

Troubleshooting

❓ Factory Reset Protection (FRP) is blocking me

If you see "This device was reset. To continue, sign in with a Google Account that was previously synced on this device":

  • You need to sign in with the Google account that was on the device before reset
  • If you don't remember the account, you may need professional help to unlock
  • This is an anti-theft featureβ€”there's no easy bypass

❓ I forgot to backup something important

Once reset is complete, data is gone. There's no recovery. This is why the backup step is critical.

❓ Should I restore from Google backup?

NO. If spyware was on your device, it may be in the backup. Set up as a new device and reinstall apps manually.

❓ How do I know the spyware is really gone?

Factory reset removes all user-installed apps and data. Unless the spyware was installed at the firmware level (extremely rare), it's gone. Monitor your device carefully for the first few weeks.

Next Steps

  1. Harden Google Account: Change password, enable 2FA with hardware keys β†’ Guide #12: Google Account Security (Coming Soon)
  2. Set up all security measures: Work through Guides #1-8 on your clean device
  3. Monitor for reinfection: Use PCAPdroid and regular permission audits
  4. Get support: Contact domestic violence organizations if needed

πŸ›‘οΈ You Did It

Factory resetting is a difficult decision, but it's the most reliable way to remove persistent threats. You now have a clean device. Stay vigilant, follow the other security guides, and don't let anyone have unsupervised access to your phone.

AI Marketing Flow logo
Quick Links

Case Studies

Video Library

Defense Guides

About AIMF

About

Contact Us

Site Info

Privacy Policy

Terms of Use

Sign Up for Our Newsletter

Enter your email for more cybersecurity defense strategies.

You have Successfully Subscribed!