PanicStation.org
UK USA
uk Technology & digital loss unfamiliar device management profile • unknown management profile on phone • mdm profile i didn’t install • phone says managed by organisation • supervised iphone message • vpn and device management profile • configuration profile on iphone • unknown work profile on android • android work profile appeared • device admin app i don’t recognise • profile installed after link • scammer told me to install profile • remote management on personal phone • my phone is enrolled in mdm • device management profile removal • worried phone is being monitored • corporate management on my phone • phone settings changed by profile

What to do if…
you discover an unfamiliar “device management” profile installed on your phone

Short answer

Pause and isolate the phone (airplane mode / Wi-Fi off), then record what you’re seeing (screenshots + name of the profile) before you remove anything—because removal can delete settings, accounts, or work data.

Do not do these things

  • Don’t keep using the phone for banking, passwords, or private messages until you’ve checked what the profile controls.
  • Don’t install any “removal” apps, remote-control apps, or “security certificates” someone sends you to “fix it”.
  • Don’t call back a number from a pop-up/text/email that told you to install the profile (use official contact routes you find yourself).
  • Don’t delete the profile if you rely on it for work/school access until you’ve confirmed it isn’t legitimately required (deleting can remove associated apps/data).
  • Don’t factory reset first unless you’re confident you can sign back in afterwards and it’s not legitimately work/school-managed; if in doubt, get advice from your carrier or official IT first.

What to do now

  1. Get to a safer pause and reduce exposure

    • Turn on Airplane mode, then manually switch Wi-Fi and Bluetooth off.
    • If you need a connection for one quick task (e.g., to contact your provider), use a trusted network and turn it back off afterwards.

  2. Capture basic evidence for your own records

    • Take screenshots of the profile details: name, organisation, any “managed by…” message, and any listed certificates/VPNs.
    • Write down when you first noticed it and whether you recently tapped a link, installed an app, scanned a QR code, or received “IT support” messages.

  3. Check whether the phone is actually being managed (and by whom)

    • iPhone/iPad: open Settings → General → VPN & Device Management (wording can vary). If you see a profile you don’t recognise, open it and note who it claims to be.
    • Android: check for a Work profile (briefcase icon apps), and in Settings look for Work profile / Accounts / Security / Admin apps (names vary by manufacturer). Note any admin app you don’t recognise.

  4. If it’s clearly not yours, remove the management profile/work profile

    • iPhone/iPad: in the profile screen, choose Delete Profile, then restart the phone. (Removing a profile can remove settings/accounts/apps installed by that profile.)
    • Android: use Remove work profile if present. If the phone won’t let you remove it, look for an admin/management app that must be turned off before it can be uninstalled (labels vary), then restart.

  5. Immediately protect accounts that were used on that phone

    • From a different, trusted device (or a computer you trust), change the passwords for: email (especially your main inbox), Apple ID/Google account, banking, and any password manager.
    • Turn on two-step verification/2FA where available, and review recent sign-ins/devices for your Apple/Google account.

  6. Contact the one place that can stop SIM/number abuse

    • Call your mobile network provider using the number from their official website/bill, ask them to check for SIM swap activity or unusual changes, and add any extra account security they offer (e.g., a passcode on the account).

  7. Report the scam messages (if that’s how this started)

  8. If money or identity details may be involved, report it

    • If you think this is fraud/cybercrime in England, Wales, or Northern Ireland, report it to Report Fraud.
    • If you live in Scotland, report to Police Scotland via 101.
    • If the crime is happening now or you’re in immediate danger, call 999 (or 112).

What can wait

  • You don’t need to decide today whether the device is “totally compromised”.
  • You don’t need to publicly warn everyone, post screenshots online, or confront a suspected person right now.
  • You don’t need to factory reset unless removal + account protection doesn’t restore control (or you’re advised by your provider/IT).

Important reassurance

Seeing an unexpected management profile is frightening, but it’s a common tactic in scams and also something that can happen legitimately (work/school, second-hand devices, repairs). Slowing down, recording what you saw, and regaining account control is the safest first win.

Scope note

This is first-steps-only guidance to stabilise, prevent irreversible mistakes, and regain control. If the phone is work/school-managed or you suspect harassment, later steps may need specialist support.

Important note

This is general information, not legal or professional advice. If you share a device with an employer/school, their management may be legitimate—confirm before making changes that could affect access or data.

Additional Resources
Support us