Three ways to unmask a mobile spy

Three ways to find a surveillance apps on your smartphone.

hree methods to find out if spyware or stalkerware apps are lurking on your smartphone

On their face, spying apps might seem like something out of a thriller, of concern to high-rolling politicians, prominent business people, and celebrities, not regular folks. In reality, though, you don’t have to be Jeff Bezos for someone to want to track you. It could be that your employer (or other half) wants to know what you’re getting up to outside the office (or home).

If you suspect that someone might be spying on you through your smartphone — or even if you don’t — use these tips to investigate.

How to find a mobile spy by yourself

Although spying apps try to conceal themselves, most reveal their presence in one way or another. Mobile data running out quicker than expected or the battery dying similarly fast are two red flags. If you notice either problem, be on your guard and check which apps are consuming your phone’s resources. The settings you need have different names depending on the device; look for something like Data usage and Battery, respectively.

If the device turns on Wi-Fi, mobile Internet, or geolocation, even though you turned them off, again, look at which apps are eating data and accessing your location. For more information, see our post about checking Android permissions, or read about iOS permissions on Apple’s website.

If you don’t find anything on your Android phone, but you still suspect someone may be spying on you, check which apps have access to Accessibility (Settings -> Accessibility). Accessibility lets apps snoop on other programs, alter settings, and do a lot of other things acting as the user. That makes the permission very useful to spyware. When we say Accessibility is one of the most potentially dangerous permissions in Android, we really mean it. Give that kind of access to your antivirus utility, but nothing else.

How to find a mobile spy using Kaspersky Internet Security for Android

Not up for a manual search and destroy? Android device owners should check out our mobile security solution. Kaspersky for Android will unmask any traitors, even if you have the free version.

Because of the legally disputed status of stalkerware, many security solutions classify some problem apps as not-a-virus. You’ll still get a warning about it, though, so always read antivirus alerts carefully.

That said, that method does have one drawback: Some surveillance apps notify their owners if antivirus protection is installed on the device. If you’re worried about being tracked by, say, a jealous spouse, it may be better not to let them know about your suspicions, so, to help users spot a spy without giving themselves away, we created a mobile spycatcher called TinyCheck. TinyCheck works equally well for Android and iOS.

How to find a mobile spy with TinyCheck

We originally developed TinyCheck to help victims of domestic abuse, but we quickly realized it could be of use to anyone at all. The current version does require some technical know-how and a willingness to fiddle with hardware, however.

That’s because TinyCheck is installed on a separate device, like a Raspberry Pi microcomputer, not on a smartphone. This separate device must be configured to act as an intermediary between the router and the Wi-Fi-connected gadget — but the payoff for that work is knowing that any spyware on the phone can’t see our software.

Once it’s installed, all of your Internet traffic will pass through TinyCheck, which analyzes it in real time. If your smartphone sends a lot of data to a known spyware server, for example, TinyCheck will notify you. Here’s how it looks in practice:

Detailed technical requirements and instructions for setting up TinyCheck are available on the solution’s GitHub page.

TinyCheck addendum for the nongeeky

If you think a Raspberry Pi is something to buy in a bakery, you’ll probably be better off getting an IT pro to configure TinyCheck for you. Better yet, find someone you know and trust 100%. You should obviously avoid asking anyone you suspect might be connected to the spyware; if you give them access, they’ll probably whitelist the app to keep it off TinyCheck’s radar.

How to avoid surveillance

If one of the above methods unearths spyware on your smartphone, think twice before deleting it. The person who installed it will notice, and that could make things worse. (Uninstalling the program also could erase evidence that you might need later.)

As with all facets of security, take protective measures first. For example, if you’re being tracked by a potentially violent partner, before doing anything with the spy app, contact a help center for victims of domestic abuse (see here for information).

In some cases, it’s easier to replace your smartphone altogether, and then make sure that no one can install spying apps on the new device:

  • Protect it with a strong password that you never share with your partner, friends, or colleagues;
  • Install a reliable security solution immediately, and scan the device regularly;
  • Change the passwords for all of your accounts, and don’t share them with anyone either;
  • Download apps only from official sources such as Google Play or the App Store.

For more information about spyware and how to deal with it, visit the Coalition Against Stalkerware, which brings together domestic abuse organizations and the security community.

Tips