This February, the fourth season of the popular Netflix series, You, started, with viewers tuning in once again to follow the exploits of Joe Goldberg, an obsessive young man going to extreme lengths to insert himself into the lives of those he is transfixed by. Although Joe has made viewers’ hearts beat faster since the show first aired in 2018, the romanticisation of his behaviour raises serious issues about the unacceptable problem of stalking – both online and offline – in our society.
A common form of digital stalking is so-called stalkerware, a commercially available software that can be discretely installed on smartphone devices. Along with other technologies, stalkerware is often used in abusive relationships, enabling perpetrators to monitor an individual’s private life without their knowledge. Stalkerware has also been connected to other forms of violent behaviour.
Stalkerware figures: 2022
According to Kaspersky, 29,312 people worldwide were affected by stalkerware in 2022. Cases in all countries show that stalkerware is a global phenomenon that is currently affecting all societies, with the Coalition Against Stalkerware estimating that the use of this form of software worldwide could be close to one million cases annually.
“It is important that we do not romanticise the behaviour as seen in You, but instead denounce it for what it is: stalking. Regardless of whether it is happening online or digitally stalking and stalkerware is a form of violence,” says Christina Jankowski, Senior External Relations Manager at Kaspersky. “There are real life stories behind the numbers of those affected which is why it is important to take active action against it. To gain a better understanding of stalkerware, Kaspersky is sharing insights with the global cyber community and aiding organisations in the fight against digital stalking. All relevant data and information on this issue must be shared for the benefit of those affected by cyber violence to further improve the level of detection and protection.”
“Stalking is a criminal, traumatic, and dangerous offence. Yet movies, TV, and music consistently present stalking as desirable, cute, sexy, and/or flattering – but in real life, it’s unwanted, terrifying, and illegal,” comments Karen Bentley, CEO at WESNET. “As peak body for Specialist Women’s Domestic and Family Violence Services in Australia we work with many victim support organisations where survivors come to seek help with this problem. Hence, it’s so important to build the capacity of these organisations and educate the public that this type of behaviour is unacceptable. To that end, we are pleased to be working with Kaspersky and all of the partners from the Coalition Against Stalkerware.”
Practical Help: Coalition Against Stalkerware and TinyCheck
In 2019, Kaspersky alongside nine other companies and organisations founded the Coalition Against Stalkerware, which today counts more than 40 members worldwide. The Coalition’s mission is to improve the detection of stalkerware, combat domestic violence, promote knowledge sharing among non-profit organisations and companies, and raise public awareness about the problem.
Kaspersky’s consumer security solutions protect against stalkerware, regularly scanning devices and displaying suitably clear warnings, including recommended actions, if detected.
Furthermore, Kaspersky has developed the free open-source tool, TinyCheck, which enables the detection of stalkerware in a simple, fast and non-invasive way on an affected device without alerting the perpetrator. TinyCheck is secure in its use by help organisations and it does not read the contents of an individual’s communications (such as SMS or emails). It only interacts with the online servers/IPs connected to the smart device. TinyCheck does not know who an individual is communicating with or what is being said, and the network record of the analysed device is not shared with neither Kaspersky nor third parties receive this data. All analysis is carried out locally.
Kaspersky recommendations for those affected by stalkerware:
- Reach out to a local support organisation. To find one close to you, check the Coalition Against Stalkerware website www.stopstalkerware.org/. The website also includes an explanation video, which provides helpful information for victims to better recognise the warning signs of stalkerware and recommends further steps and behaviours to take or avoid.
- Do not try to erase the stalkerware, change any settings or tamper with your phone. This may alert your potential perpetrator and lead to an escalation of the situation. You also risk erasing important data or evidence that could be used in a prosecution.
- Keep an eye out for warning signs including fast-draining battery due to unknown or suspicious apps using up its charge and newly-installed applications with suspicious access to use and track your location or with otherwise not logically explicable functions; inexplicable detailed knowledge of third parties.
- Check if your “unknown sources” setting is enabled, as this may be a sign that unwanted software has been installed from a third-party source. It is important to note that the above signs are only symptoms of possible stalkerware installation, not a definitive indication.
- Use a proven cybersecurity solution such as Kaspersky Free on Android. However, if there is a suspicion that a stalkerware is already running on the smartphone, this should only be done after a risk assessment of the person concerned – preferably together with a support organisation – otherwise the perpetrator might notice the newly deployed cybersecurity solution.
Kaspersky recommendations for protection against stalkerware on mobile devices:
- Protect your phone with a strong password that you never share with your partner, friends or colleagues.
- Regularly check the permissions of installed apps. Stalkerware apps can be disguised under a fake app name.
- Delete apps that are rarely or never used.
- Check personal browsing history. In order to download stalkerware, the perpetrator must visit websites that the affected user probably does not know. Alternatively, there could be no history at all if the perpetrator has deleted it.
- Deploy a proven cybersecurity solution that protects against all types of mobile threats and checks the device regularly.