A survey last year of 10,000 adults across ten countries found that almost 1 in 10 who had been in a romantic relationship admitted to using a stalkerware app to monitor a current or former partner’s device activity. Creepy.

The number of devices reporting stalkerware samples on a daily basis also increased by 63% between September 2020 and May 2021. The same report said 250,000 devices were compromised with more than 6,000 stalkerware variants in May 2021 alone. And many devices were infected with multiple stalkerware apps.

Spyware and stalkerware is essentially unethical and sometimes dangerous software that can lead to the theft of data including images, video, call logs, contact lists, and more.

Whether fully-fledged cybercriminals or your nearest and dearest, or exes, they can all use the software to:
  • Monitor emails, SMS, and MMS sent and received
  • Intercept live calls for the purpose of eavesdropping across standard telephone lines or Voice over IP (VoIP) applications,
  • Record environmental noise or take photos
  • Track GPS locations
  • Compromise commonly-used social media apps including Facebook and WhatsApp.
Spyware is usually more generic in purpose than stalkerware:
  • Stealing OS and clipboard data and anything of potential value, such as cryptocurrency wallet data or account credentials.
Stalkerware, however, is downloaded to spy on someone as an individual, usually in cases of domestic abuse.
  • Spyware and stalkerware are found less commonly in large companies, although some software solutions are marketed for companies to keep track of employee mobile devices and their activities.
  • The lines here can be blurry, but if a mobile device belongs to a company and is used by a staff member in the full knowledge that it is tracked or monitored, then this may be considered accepted as part of a workspace.
  • In these cases, employees should keep their private lives, social media, and emails on their own smartphone or tablet and off company property.
There are lots of spyware and stalkerware apps but these are the most common:

SpyPhone Android Rec Pro: This can listen in on the background noise of calls and record them, intercept and send copies of SMS and MMS messages sent from the victim's phone; send activity reports to the spyware operator’s email address; and more.

FlexiSpy: Can monitor both Android smartphones and PCs and is willing to deliver a device with the malware pre-installed to users. The spyware:
  • Listens in on calls
  • Spies on apps including Facebook, Viber, and WhatsApp
  • Turn on the infected device's microphone covertly
  • Record Android VoIP calls
  • Extracts content such as photos
  • Intercepts both SMS messages and emails
PhoneSpector: Designed for both Android and iOS handsets, it claims to offer a means to get texts, call history, GPS location, and more without having the phone in your possession.

Mobile Tracker, FoneMonitor, Spyera, SpyBubble, Android Spy, and Mobistealth are a few more examples of spyware and stalkerware which offer similar features.

Warning signs
  • If you receive unusual social media messages or emails, this may be a warning sign. You should delete them without clicking on any links or downloading any files. The same goes for SMS content, too, which may contain links to lure you into unwittingly downloading spyware.
  • Messages may contain content designed to induce panic, such as a demand for payment or a failed delivery notice. Messages could potentially use spoofed addresses from a contact you trust as well.
  • With stalkerware initial infection messages may be more personal and tailored to the victim.
  • If your mobile goes missing and reappears with different settings or changes that you do not recognize this may be an indicator of tampering.
By design, spyware and stalkerware are hard to detect and can be just as hard to remove. It is not impossible but it may require some drastic steps. When it comes to more advanced spyware suites, however, the only option may be to abandon your device.

When removed, especially in the case of stalkerware, some operators will receive an alert warning them that the victim's device has been cleaned up. In addition, should the flow of information suddenly cease, this is a clear indicator that the malicious software has been eradicated.

If you feel your physical safety may be in danger, do not tamper with your device. Reach out to the police and record your interactions with the police.

Removal and steps for self-protection
  • Run a malware scan.
  • Change all of your passwords.
  • Update your operating system.
  • Protect your device physically with a new PIN code, pattern, or enable biometrics ID
  • If all else fails, factory reset or get rid of the device.
  • Some stalkerware may survive factory resets. So, failing all of the above, consider restoring to factory levels and then getting rid of your device.