A whole mini-industry has appeared over the past couple of years selling monitoring software, or more treacherously, trojan spyware and code that can hide itself, so you don’t even know it’s on your device. For just a few dollars, individuals can get their hands on an app which can monitor everything you do on your device. This includes SMS messages, GPS coordinates/location, emails, browsing activity, keystroke logging, and photo/video/audio recording.
Let’s be clear: it’s when monitoring software—and certainly, spyware—is used for stalking that it really becomes stalkerware. That means firms selling monitoring software may be operating in a grey area ethically and legally, depending on how the software is used. While they’re technically legitimate, the surveillance software is usually branded in such a way as to keep them just this side of the law. Think of concerned parents who want to ensure their children are safe, or of employers who want to ensure their staff are where they should be during work hours. That said, those who use such software to spy on individuals without their knowledge or consent are violating ethical standards and breaking the law. And if the software or code is specifically designed to hide itself, as with trojan spyware or spying code—then a line has certainly been crossed. You’re now neck-deep in the shady gumshoe world of stalkerware.
Stalkerware, or the use of monitoring software for stalking, represents not only a gross intrusion into your privacy but also a possible security concern if the companies running these apps are themselves hacked or accidentally leak data belonging to victims of their customers.
How do I know if my phone has been hit?
It can be quite difficult for users of stalkerware to install the spying app on your device without physical access to it. However, malicious links in emails, texts, on websites, or even on social media could represent a potential threat vector if attackers manage to trick you into clicking through to an unwanted install.
While ‘legitimate’ GPS trackers and the like (such as Life360 and other monitoring apps) are available on Google Play and can be installed as visible apps, stalkerware is typically available on 3rd-party app stores, is installed without the user’s consent, and will do its best to stay hidden on your device, potentially disguising itself under different app or process names.
So here are a few things you can do to spot the tell-tale signs something is not quite right:
- Check the setting which allows apps to be downloaded outside the official Google Play store (which doesn’t allow stalkerware). The UI can vary depending on manufacturer, but try Settings -> Security -> Allow unknown sources. If it’s on and you didn’t turn it on, you might have a problem.
- Check to see if there are any unusual apps on your phone that you can’t remember downloading/installing.
- Check Settings -> Applications -> Running Services to see if there are any unusual-looking services running on your device. Try Googling ones you’re unfamiliar with.
- Stalkerware could slow your device down, so if you’re noticing any major hit to performance, it could be worth investigating further.
- Of course, if you start getting messages from the stalker, as in “I’m watching you!” it’s time to scour your device for the offending spying app or code.
How do I keep my device secure?
By its very nature, stalkerware is designed to stay hidden, so it can be hard to spot. But here are a few ideas to keep your device, and life, free from unwarranted snooping:
- Don’t click on suspicious links in unsolicited emails, texts, social media messages, etc.
- Install AV on your device from a reputable vendor who’s publicly addressed the stalkerware problem, to help spot any unusual/malicious activity like keylogging—as well as (potentially) the stalkerware itself. If the AV can catch potentially unwanted applications (PUAs), it could spot the stalkerware, though the AV industry as a whole needs to improve its algorithms for protection from stalkerware.
- Keep an eye on what apps have been installed on the device.
- Switch on two-factor authentication for your online accounts, so that even if a third-party has your passwords, they won’t be able to log-in as you, particularly for financial accounts.
- Use a Password Manager to store long, strong and unique passwords for all your accounts, out of reach of a snooper.
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, our cybersecurity platform protects 500,000+ organizations and 250+ million individuals across clouds, networks, devices, and endpoints. Trend Micro Initiative for Education
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.