“My ex-boyfriend David knew where I was at all times, who I was talking to on email, text messages, social media – all of it. He could see everything. I had no privacy,” says Anna (not her real name), an MIT Technology Review interviewee. Anna started to suspect that David was stalking her just two months after they met: “He made a comment about something I’d only shared privately, in Facebook Messenger, with a relative. After that, I realized he was tracking everything. I didn’t even know it was possible.” As it turned out that David had covertly installed a stalkerware app on Anna's phone. She lived under his constant surveillance for about two years until she escaped, fearing for her life.
What is cyberstalking?
Unfortunately, Anna's story is a textbook example of cyberstalking, or repeated and unwanted surveillance over someone’s life. Modern means of communication provide stalkers with almost limitless opportunities to spy on their victims. Specialized stalkerware can track a person's movements with GPS, monitor their social network activity, their calls, their messages, their photographs, and any other actions on their phone. These programs run hidden in the background, leaving the victim oblivious to their presence. Unfortunately, it is fairly easy to install a stalkerware tool on a victim's phone secretly.
Stalkerware is a term used for legal, commercial surveillance programs that allow covert monitoring and intrusion into a person’s private life.
How the cybersecurity industry declared war on cyberstalking
Eva Galperin, head of information security at the non-profit Electronic Frontier Foundation (EFF), had been working in the field of privacy protection in cyberspace for a few years when she suddenly found out that her fellow investigator was a serial rapist. The saddest thing was that his victims had kept silent, fearing he might destroy their lives. The fact that the abuser was also a hacker made them completely powerless.
Eventually, the story became public knowledge. The colleague was banished from the company in disgrace. Galperin declared a personal war against stalkerware and even posted a call to action on Twitter. She offered personal help to anybody who has suffered from cyberstalking or suspects someone is spying on them. She pledged to conduct an investigation on their behalf and find out if they are indeed being followed. She immediately received around 9,000 retweets and hundreds of responses from victims. Among them were women who had survived a painful divorce or even had their children abducted, girls whose exes were spying on them, and gay men being followed by their conservative parents.
This revealed the actual scale of the issue. So Galperin raised the subject of combating cyberstalking at an annual event that brought together anti-malware vendors.
How we started warning about stalkerware
What about iPhone users?
The scale of the issue
The countries with the most users affected by stalkerware in 2019, according to Kaspersky
- 1. Russian Federation - 26%
- 2. India - 11%
- 3. Brazil - 10%
- 4. United States - 7%
- 5. Germany - 4%
- 6. Italy - 3%
- 7. Mexico - 2%
- 8. United Kingdom - 2%
- 9. France - 2%
- 10. Iran - 1%
- Other - 32%
According to the latest statistics, the number of stalkerware installations worldwide from January to the end of September 2020 amounted to 45,225, compared to 44,368 over the same period in 2019.
7 out of 10female cyberstalking victims
have survived at least one form of physical violence at the hands of their partner, according to a study by the European Institute for Gender Equality.
“There are two things to keep in mind. First, the statistics only cover the devices with our product installed on them, so it's only a part of the picture,” explains Kristina Shingareva. “Second, there are many users who don't use any antivirus solutions on their phones. So you can multiply this number by five or even 10 without hesitation. And this is when it gets terrifying. According to the German police, for instance, Germany had 19,000 reported cases of stalking in 2018 alone.”
The most frequently used stalkerware tool in 2019 was MobileTracker. Kaspersky Internet Security for Android detected that this application had affected 6,559 unique Android device users. The application can be hidden and run in the background as a system tool. It provides remote control of the device, determines the user's location and accesses text messages and instant messaging chats (WhatsApp, Hangouts, Skype, Facebook Messenger, Viber, Telegram, etc.). A stalker can listen in on calls, browse photos and videos in real time, and control browser history, files, calendar, and contacts.
Why we need a coalition to combat cyberstalking
Today, the CAS comprises 26 partners, including the following organizations:
- European Network for the Work with Perpetrators of Domestic Violence (operates in 32 European countries)
- Bundesverband Frauenberatungsstellen und Frauennotrufe and WeisserRing in Germany
- Centre Hubertine Auclert in France
How victim support organizations are dealing with cyberstalking
According to domestic violence experts, as soon as victims learn about surveillance through a phone or tablet, their first urge is to abandon technology completely, to throw away their device, and never use the internet again. It is essential to offer support and explain that this is not an option in such a situation. You have suffered enough as it is. And this is another crime against the individual — a blatant violation of privacy and the right to cyberspace. Specialists even refrain from using the word “victim”. They call these people “survivors” to offer some positive reinforcement and gradually help them regain trust in themselves again, restore their boundaries and keep using phones and the internet in a safe way. Besides, not all of those seeking help at support organizations are women – men reach out for help too.
Is cyberstalking legal?
Anti-stalking legislation worldwide
If you are against cyberstalking too, join the CAS!
We at Kaspersky realize that the problems around the legality of stalkerware and unwanted surveillance require global action from all parts of society. We expect the Coalition Against Stalkerware to attract more partners, including information security companies, human rights advocates, and even law enforcement agencies. You can suggest your own solution or help raise awareness by joining the coalition. Please refer to the initiative's website to learn more about joining, partnerships and the latest news. The information is available in six languages: English, Spanish, German, French, Italian and Portuguese.
How to check if your phone is
being used to spy on you and how to protect yourself
The signs of installed stalkerware include:
- A fast-draining battery.
- Constant overheating.
- Unprompted resets.
- Mobile data traffic growth.
- The possibility of other people having had recent physical access to your phone.
- Applications with suspicious access to GPS tracking, text messages, call recordings and other personal activities.
How to minimize the risk
- Use a complex lock screen password and update it regularly.
- Do not disclose your password to anyone - not even yout family members.
- Regularly view the list of applications you use and remove the ones you do not need.
- Disable the option of third-party application installation on Android devices.
- Protect your Android devices with anti-malware products, such as Kaspersky Internet Security for Android, which detects stalkerware and issues warnings.
- If you are an iPhone user, do not leave your phone unsupervised (of course, the same, goes for Android device owners).
What to do if someone is cyberstalking you
In some cases, the abuser gets a notification if their victim removes the application, which could provoke aggression. Therefore, Kaspersky recommends that victims should start by reaching out to local support organizations to discuss ways of dealing with the situation. It is best to use a different device for this interaction and make sure the phone with installed stalkerware is out of reach.
In the special section Get Help — > Resources on the Coalition Against Stalkerware website, you can find a list of organizations that offer phone consultations and even temporary shelter if your life is in danger.