‘Stalkerware’ Apps Are Proliferating. Protect Yourself.

FightingIt’s hard to be stalkerware. You may not suspect it’s there. EvenIf you did, it may be difficult to spot because antivirus software recently flagged these apps as malicious.

Here’s a guide to how stalkerware works, what to look out for and what to do about it.

The Different TypesOf Stalkerware

SurveillanceAlthough software has been around for decades on computers, spyware makers recently turned their attention to mobile devices. BecauseMobile devices now have more intimate data than ever, including photos and real-time location. These apps are known as stalkerware.

VariousDifferent types of information are collected by stalkerware apps Some record phone calls, some log keystrokes, and others track location or upload a person’s photos to a remote server. ButThey all work the same way in general: An abuser with access to a victim’s device installs the app on the phone and disguises the software as an ordinary piece of software, like a calendar app.

FromThe app is running in the background and the abuser later retrieves the data. Sometimes, the information gets sent to the abuser’s email address or it can be downloaded from a website. In other scenarios, abusers who know their partner’s passcode can simply unlock the device to open the stalkerware and review the recorded data.

Self-Defense Steps

SoWhat to do? The Coalition Against StalkerwareThe foundation of, was established by Ms. GalperinThese tips were offered by security companies and other groups.

• LookFor unusual behavior on your deviceLike a rapidly draining battery. ThatIt could indicate that there is a stalker application running in the background.

• Scan your device. SomeApps, such as MalwareBytes CertoNortonLifeLock Lookout, can detect stalkerware. ButTake a look at all of your apps and be thorough to find any unusual or suspicious information. IfWhen you discover a piece stalkerware, take a moment to pause before you remove it. ItYou may have some useful evidence to support your claim to the police.

• Seek help. InYou can also report stalking behavior to the police and seek help from resources such as the National Domestic Violence HotlineOr the Safety Net ProjectHosted by the National NetworkTo End Domestic Violence.

• AuditOnline accountsTo see which apps or devices they are connected to, On Twitter, for example, you can click on the “security and account access” button inside the settings menu to see which devices and apps have access to your account. LogAnything that appears shady is best.

• ChangeYour passwords and passcode. It’s always safer to change passwords for important online accounts and avoid reusing passwords across sites. TryFor each account, create long and complex passwords. SimilarlyMake sure that your passcode is hard to guess.

• Enable two-factor authentication. ForTwo-factor authentication is required for any online account. It requires you to provide two forms of identification before you are allowed to log in. SayFor your login, enter your password and user name Facebook account. That’s Step 1. FacebookThe next step is to enter a temporary code that an authentication app generated. That’s Step 2. With this protection, even if an abuser figures out your password using a piece of stalkerware, he or she still can’t log in without that code.

• OnCheck your iPhone settings. A new stalker app, WebWatcher, uses a computer to wirelessly download a backup copy of a victim’s iPhone data, according to CertoMobile security firm,. ToOpen the door to defend yourself SettingsTake a look at it in the app General menu to see if “iTunes Wi-Fi Sync” is visible. IfIf it appears, disable this option to prevent WebWatcher storing your data.

  AppleThis was not considered an iPhone vulnerability, as it required an attacker on the same device. Wi-Fi network and have physical access to a victim’s unlocked iPhone.

• Start fresh. BuyingTo get rid of stalkerware, you can either buy a new phone or erase all data from your old phone.

• UpdateSoftware. AppleAnd GoogleSoftware updates are regularly issued that contain security fixes. This can be used to remove stalkerware. Make sure you’re running the latest software.

In the end, there’s no true way to defeat stalkerware. Kevin Roundy, NortonLifeLock’s lead researcher, said he had reported more than 800 pieces of stalkerware inside the Android app store. GoogleThe apps were removed and the policy was updated. OctoberDevelopers are forbidden from selling stalkerware.

ButTo take their place, many others have emerged.

“There are definitely a lot of very dangerous, alarming possibilities,” Mr. Roundy said. “It’s going to continue to be a concern.”