Smartphone security and data privacy is becoming increasingly important, especially as smartphones become the primary communication and entertainment devices for people.
Many people still use unsecure passwords on their devices, however, or connect to dodgy public Wi-Fi networks.
The easiest way to gain access to someone’s personal information and steal data such as passwords or banking details would be to gain physical access to their unsecured device, although man-in-the-middle attacks can be used for a less intrusive attack.
Attacks can also come from places we never expected, and people we have trusted with sensitive information – such as a significant other – may not always be motivated to keep that information secure.
Additionally, spyware or “stalkerware” can be installed on a device to track app usage, messages, files, and location, and send this data to a third party.
The threat of stalkerware
Kaspersky Lab has published research on the stalkerware phenomenon, identifying 26,619 unique samples of stalkerware programmes installed on users’ devices.
“While this kind of software is deemed to be legal, the program’s presence is often both unwanted and unknown by the user affected,” Kaspersky Lab said.
“In some cases, a program’s download page specifically states the software is intended to be used for secretly spying on the user.”
Due to this application of the software, Kaspersky Lab introduced a special alert for stalkerware programs inside its mobile security suite.
“Usually used to spy on partners or ex-partners, there is nothing to stop people using such programs to target specific individuals for malicious purposes.”
“This is often done without the victim’s knowledge, leading to these types of programs being commonly referred to as ‘stalkerware’,” Kaspersky Lab said.
“While functionality varies, it often allows the person who installed it to access their victim’s device information, SMS messages, photographs, social media conversations, geolocation data and, in certain cases, to transfer audio and camera recordings in real time.”
The legal status of these applications remains vague in most countries and they have been criticised and exposed multiple times for their potential to compromise user privacy.
Beware of your ex
Security suites for mobile operating systems include functionality to detect and alert users to stalkerware on their device, and it is a good idea to perform a scan of your device if you suspect it is compromised.
Kaspersky Lab recommends that smartphone users also take numerous steps to prevent stalkerware being installed on their device.
These include conventional security recommendations such as only installing applications and files from verified and safe sources, inspecting background data usage, and uninstalling unnecessary apps.
However, the security firm also noted that the unique risk of stalkerware is installation by someone who you do trust or once trusted.
In the first case, you should never share your passwords with anyone – not even someone you trust or are in a relationship with.
Kaspersky Lab also advised users to change all security settings on their mobile device if they are leaving a relationship.
“An ex may undertake attempts to acquire your personal information in order to manipulate you,” it said.