I suggest you don’t use MS Phone Link if you are concerned with security. It’s very handy but if you text sensitive stuff then it could be hacked. Got this from Brave AI Search:
Phone Link (formerly Your Phone) on Windows presents several security and privacy risks that users should be aware of:
-
Data relayed through Microsoft servers: Personal data such as text messages, notifications, photos, and clipboard content is sent through Microsoft’s cloud servers when using Phone Link, even if the devices are on the same local network. While Microsoft states this data is not stored permanently, it is processed in transit and may include sensitive information like 2FA codes or private messages.
-
Automatic reconnection issue: Users have reported that even after disconnecting Phone Link, the app automatically reconnects when the PC is turned on or the screen is unlocked. This behavior creates a persistent security vulnerability, especially if the PC is compromised.
-
Physical access risk: A cyberstalker or malicious actor with brief physical access to your phone can pair it with their Windows PC by scanning a QR code. Once paired, they can monitor iMessages, call logs, notifications, and even SMS messages without your knowledge—posing a serious risk in cases of abuse or stalking.
-
Security concerns with compromised devices: If your Windows PC is hacked, a malicious actor can access your phone’s data via Phone Link, including 2FA codes visible on the PC. This effectively nullifies two-factor authentication for accounts tied to SMS or authenticator apps.
-
App detection as malicious: Some users have reported that Phone Link is flagged as malicious by security software (e.g., Device Care on Samsung devices), indicating potential security concerns.
Recommendations:
-
Disable Phone Link when not in use and remove the pairing from your phone’s app settings if you’re not actively using it.
-
Check Bluetooth pairings on your iPhone regularly and forget unknown devices.
-
Use iOS Safety Check (Settings > Privacy & Security > Safety Check) to review and manage connected devices and shared data.
-
Keep your PC and phone updated, use strong passwords, and enable multi-factor authentication (MFA) on all sensitive accounts.
-
Consider disabling background app activity for Phone Link and removing Wi-Fi/data access to the app on your phone to prevent syncing.
Bottom line: While Phone Link offers convenience, its security flaws and data handling practices make it risky, especially if your PC or phone is compromised. Use it only if you trust your devices and network, and be prepared to manually manage connections.
