Think about everything you've done with your mobile device or computer today. If you're like many of us, you've probably posted to or browsed social media, looked up directions to an important meeting, sent business-related email, and corresponded with your colleagues via text. Now, imagine if someone had on-demand access to all that information. What's more, imagine if they could peruse your social media, pinpoint your real-time location, watch and listen in through your camera and microphone, and even access your call logs and chat messages. Unfortunately, this imagined scenario is all too real. Stalkerware allows cybercriminals to stalk you and your business without your knowledge or consent. While this is the stuff of our tech nightmares, stalkerware can be detected, removed, and most importantly, prevented. Read on to learn about what it is, how it gets onto your device, how to find and remove it, and how Paubox's Email Suite keeps your organization safe.
What is stalkerware?
Stalkerware is a type of malware that allows a cybercriminal to monitor your device without your knowledge or consent. Oftentimes, it comes in the form of a malicious app, device, or program that is installed on your computer or mobile device via a malicious link or physical tampering. Typically, malware—such as ransomware , adware , and trojans —cause your devices to perform more slowly, display ads, or install unknown apps and programs. However, devices infected by stalkerware may exhibit little to no signs that anything is amiss. But according to the Coalition Against Stalkerware , this type of malware can access everything from your device's location and call logs, to photos, social media activity, cameras, microphones, files, and text messages. Although the information gathered can be used to commit cybercrime, a hacker’s sole purpose in installing stalkerware is to gain access to and control over sensitive information for the purpose of harassing individuals or organizations. What's more, while most people think of cybercriminals as dark, shadowy figures, stalkerware could be installed on your device by a loved one, colleague, current or former romantic partner, or business partner.
How does stalkerware find its way onto devices?
While stalkerware most often affects mobile devices, it can also find its way onto a computer or laptop. Just as with other types of malware, stalkerware infiltrates a system via human error . By opening attachments or clicking on unknown links, users can inadvertently expose their networks—along with sensitive patient data—to the third party who targeted them. On mobile platforms—like Android and iOS—stalkerware infects systems via a different route. While users can accidentally download stalkerware via unknown links or attachments, it is more commonly loaded via malicious Ap and Play Store apps , sideloading, browser installations, and compromised passwords. While both Google and Apple do their best to remove malicious apps from their marketplaces, some inevitably slip through the cracks. According to Traced, watch out for apps used for parental monitoring, employee tracking, and mobile device management (MDM). To minimize the chances that you or your employees are installing stalkerware, be sure to carefully read through reviews, marketing materials, and permissions an app requests from each device.
Stalkerware is hard to detect. It can masquerade as a harmless file management app or be altogether hidden from view. But there are still a few steps you can take to detect and remove stalkerware from your computers and mobile devices. First, if you're using an iOS device, Apple's walled garden approach prevents stalkerware from infiltrating system files. The one big exception to this rule is if you, or someone with access to your iOS device, jailbreaks and sideloads third-party apps or has a compromised iCloud account. Next, while Google does its best to screen and remove malicious apps, stalkerware can still be installed onto your Android device if it was set up by someone else or if it lacks adequate security, i.e. a password, PIN, or biometric security.
If you suspect your mobile device has been compromised by stalkerware, take the following steps:
- Make a note of any unusual behavior—a phone that gets too warm too quickly, abnormally fast battery drainage, or longer than normal shutdown and boot up times
- Refer to Google and Apple's instructions for viewing all installed apps on your device, making note of any that you didn't install and ones that weren't part of the factory settings
- Lastly, check your device's menus for any unusual settings or options that weren't there to begin with
The steps for detecting and removing stalkerware from your computer are much the same as the ones taken for your mobile device.
- Pay attention to any unusual logins or activity on your email or social media accounts
- Keep your computers secured with passwords and locks
- Do not write down passwords or use the same ones for multiple accounts
- Turn on two-factor authentication
- Do not click on or download unknown attachments or links
- Keep a close eye on what programs are installed on your system, by whom, and why they're there
How can Paubox block stalkerware?
As with many other things in life, prevention is key. HIPAA compliant email is crucial to keeping your patients' and your business's data safe from stalkerware. But even with the best cybersecurity precautions in place, back-to-back meetings, looming deadlines, and human error may give cybercriminals just enough of a foothold to install stalkerware and compromise your data. Paubox Email Suite guards your business and patients from human error by making the process of sending HIPAA compliant email seamless and automatic. It integrates with Google Workspace , Microsoft 365 , and Microsoft Exchange. What's more, since Paubox automatically encrypts all emails, neither you nor your patients will need to do anything differently. All your emails are automatically encrypted and delivered to your patients’ inboxes without the need for passwords or portals. Our Plus and Premium plan levels also provide inbound email protection against all forms of malware. And with our patented feature ExecProtect protecting you from display name spoofing emails, you can rest assured that the sender is really who they say they are.