Spyware, stalkerware, bossware – you may have heard about some of the different types of malicious software that can be installed on your device to track your activity and turn your device into a “mic.” Does such software represent a real danger? Here is what you and your employees should know about these types of malware to protect your privacy and avoid having credentials stolen.
Imagine checking your phone and suddenly seeing this message: “We know your password is XYZ – and we know much more than that! Unless you pay us, private videos of you will be sent to your friends and colleagues.” Reading an email like this might leave the recipient shocked and scared. Cyber blackmail and sextortion scams often are presented as more terrifying than they really are – which does not, however, make them less of a real issue.
If you have ever received an email similar to the one above, it is likely that cyber-attackers have nothing more on you than your password. While that is already a serious security risk, it is also more common than you might think. Cybercriminals searching for leaked login credentials on the dark web is a basic practice. They then use the passwords to blackmail and/or pressure people into sending them money or data. But is it possible that someone is actually stalking you via your device?
Unfortunately, the answer is yes. Various forms of malware, for instance, spyware and stalkerware, may be used to track your activity without you knowing. What is the difference between the two?
You may have also come across bossware – software that is used to monitor employees’ activity on their work devices. Ever since the pandemic and the increase of people working from home, the use of bossware has become more common. Bossware has often been viewed as a grey area – it can be installed legally, and it should be used purely for occasional work-related monitoring, but it can represent a privacy issue, since employees often have no way of determining how much information it tracks or for what purpose.
The case of Pegasus Spyware can also be used for political reasons – such as the famous Pegasus spyware. It was created by an Israel-based security company in 2016 and has been installed on devices of journalists, activists, and businesspeople around the world to track their activity. Its original use was to detect criminal and terrorist activity, but unfortunately, the software was ultimately used maliciously by authoritarian regimes to monitor and control their opponents. Pegasus was previously used by Western intelligence and law enforcement agencies, but nowadays, the very same organizations are fighting against its use, and Apple has tried to disable the software with various OS updates. |
To return to the opening example, while spyware and stalkerware often appear alongside the topic of cyber blackmail, it is very unlikely that criminals will use access to your device to get personal footage of you and then blackmail you with it. If you ever receive an email urging you to pay money unless you want your personal footage released, don’t fall for it – it is likely just a trap. Still, it pays off to check your device and make sure there are no signs of spyware in it.
How to recognize whether you have been compromised by spyware
1. Unusual changes in your device’s performance. Malware may need to use your internet data as well as your battery to function, which can result in faster battery drain, spikes in internet data usage, or slower response time. While these signs may not be a reason for concern, consider further checking your computer for any unusual finds.
2. Unknown apps on your computer. Try to do a malware scan, and check which apps are currently running on your device. If you don’t know some of them, consult with your IT team.
3. Strange videos or pictures. Criminals may take videos of you through your webcam and send the footage to themselves, but sometimes they leave traces behind – such as unusual videos or pictures. If you find any of those in your folders, contact IT to get your device checked.
4. Your camera’s control light goes on without you using it. Even though cybercriminals may be able to turn the light off, sometimes they fail in their attempts to deactivate it.
5. Your settings are changed. Cybercriminals may try to change your settings and make their malicious attempts easier for themselves. Check your security settings, and if you see that they have been disabled without you knowing, contact your IT team.
What about stalkerware? For stalkerware, the signs of it being installed into your phone are the same, but there is also the additional psychological factor – such as someone knowing a bit too much about your online habits and offline whereabouts. If you believe that someone has installed stalkerware on your device without you knowing, collect any possible evidence and contact legal authorities. |
You’ve got a message from a hacker – what now?
1. Don’t panic. Before you do anything, remember that cybercriminals often hope to manipulate you into rushed actions using false information, so anything stated in their message may be untrue.
2. Don’t interact. The messages may include hidden malware, so avoid clicking on any links, attachments, or images.
3. Don’t pay. Paying cybercriminals only helps them to continue with their illegal businesses, and in most cases, not paying the ransom may not lead to any consequences.
4. Don’t leave your accounts unsecured. Cybercriminals may target their victims based on lists of leaked credentials. Try to regularly change your passwords, use different passwords for each of your accounts, and use a password manager so you can keep track of them. If you want to know whether your credentials have ever been leaked, visit Have I Been Pwned?
5. Be active. If you receive an email that worries you or that attempts to force you to take specific actions, contact your IT department. They may determine whether your laptop is safe or malware has been installed, and they will help you resolve the situation. They can also assist you in avoiding similar situations in the future by securing your device or by installing a cybersecurity solution and an anti-spam solution.