What is stalkerware?
Stalkerware is a malicious form of spyware that allows an external user to access, manipulate, and control data remotely. Often marketed as a way for parents to monitor their children or bosses to monitor their employees (yikes), stalkerware is designed to operate quietly in the background of your mobile device. It’s capable of viewing—and sometimes even sending—messages within a variety of apps, record phone calls, take photos, track browsing history, monitor GPS location, and steal passwords.
Currently, laws aren’t specific or strong enough in most countries to close the “parental concern” argument, but even if stalkerware isn’t universally classified as malware, Russian cybersecurity company Kaspersky notes that most anti-virus software will still flag anything they deem malicious. The App Store and Google Play also remove suspicious apps from their library, so you can usually trust verified downloads.
Stalkerware can be installed on your device in two ways: either through an app download by someone with physical access to your phone, or remotely via phishing, where an email or website convinces you to click on a false link that allows the software to be installed in the background without your knowledge.
How to detect if your phone’s been tampered with
First of all, trust your instincts.
- Was the phone a gift from someone?
- Could anyone know your PIN/pattern, or have accessed your device while it was unlocked?
- Have you noticed anything off about your phone lately—poor battery life, less storage space than expected, any apps you’re unfamiliar with or don’t remember downloading?
If you do see an app you don’t recognize, start sleuthing; an Internet search should help you figure out whether it’s legit and where it could have come from.
- If you have an iPhone, look for the Cydia app, which while not stalkerware itself indicates that your phone is jailbroken, leaving you open to unverified software installation.
- If you’re an Android user, go into your security settings—if “unknown devices” is switched on, allowing apps to be downloaded from outside of Google Play, you’re susceptible to stalkerware and your device may have been compromised.
Stalkerware is by design hard to detect and remove, but a mobile anti-virus program is one way to track down potential security threats. Performing a factory reset may wipe any traces of spyware from your phone as well, though it’s not guaranteed (and keep in mind this will remove all apps and files, so make sure you’ve backed up what you want to keep first!). If you have the resources or it’s time for an upgrade, getting a new device is an option, too.
Safety & additional resources
Even if you haven’t been exposed to stalkerware, it’s always a good idea to do a periodic digital security check.
- When was the last time you changed your passwords, especially to your email account(s)? If you have the financial means, using a program like 1Password or LastPass can help you keep passwords complicated and secure without having to remember each distinct key.
- Enable two-factor authentication (2FA) to make the login process more secure as well.
- Be sure to keep your devices up-to-date as new OS versions are available, and though a PIN or pattern can be cracked, it doesn’t hurt to lock those phones, babes!
Also consider how much of your own data you’re sharing—is your GPS always on? Do you share your location on Instagram and Facebook? How secure is the password for the app you use to track your run or hike? Sometimes stalkerware isn’t needed for others to track your location, so be mindful of what you allow apps to share on your behalf.
Because it’s often employed by manipulative and abusive intimate partners, stalkerware is sometimes also referred to as “spouseware.” If you find spouseware on your phone, know that verbal conversations you have on or near your device may be monitored, as well as digital communications like emails and texts.
If the stalkerware is removed, whoever’s behind it may notice when the information ceases to be available. Keep this in mind and consider using a different device to reach out to organizations like the National Domestic Violence Hotline, Proyecta Unica (specific to the Latinx community), Domestic Violence Resource Center, Safe Horizon (stalking-specific), the UK-based stalking resource center Paladin, and countless other hotlines and centers available across the world to help you reclaim your privacy and safety.