Stalkerware is a term referring to apps that can be installed on a mobile device such as a smartphone or tablet. It allows the app installer to remotely access a range of personal data and monitor the device user’s activities.

Such apps are often to spy on people, hence the sinister-sounding name. Businesses are also using stalkerware-like apps to monitor their employees.

Though apps like this are ethically dubious, they’re more widespread than you might think. Just recently, Google removed seven stalkerware apps from the Google Play Store, but not before they’d been downloaded a total of 130,000 times. Another recent study found that over 58,000 Android users had stalkerware apps installed on their devices, the majority of whom didn’t even know they were there.

What is stalkerware capable of?

Stalkerware can be installed on a device without its user’s knowledge or consent to gain access to information, including:

  • Text messages and phone call logs
  • GPS location
  • Contact lists
  • Keystrokes
  • Calendar entries
  • Browser history
  • Emails
  • Social media messages
  • Stored media like photos and videos

Some stalkerware apps are even capable of eavesdropping on phone calls or allowing installers to make video and voice recordings remotely.

Stalkerware in the workplace

Stalkerware apps might seem like they have no place in the workplace, but they are often marketed as having a more legitimate purpose. This includes monitoring employee activity and productivity by tracking their location, performance and communications during working hours.

Employee monitoring of this nature is actually quite common. A recent study found that over 50% of companies use some kind of non-traditional monitoring techniques, such as the tracking of emails or social media messages. By 2020, it’s predicted that 80% of businesses could be using stalkerware-like apps to monitor their employees.

Using apps to track employee performance and activity isn’t necessarily unethical, however. As long as the device on which the app is installed is company-owned and employees are made aware of how and why they are being tracked, companies can steer clear of abusing employee rights and straying into morally grey territory.

Stalkerware apps are still risky

Although stalkerware apps have the potential to be used in an honest and ethical way by businesses, there are still a number of risks to consider.

Firstly, many of these apps are distributed via dedicated landing pages rather than official outlets like the App Store or Google Play Store. Installing apps that aren’t hosted on official stores can leave iOS and Android devices vulnerable to malware.

Secondly, stalkerware apps often demand a lot of system rights, such as the ability to install other potentially unsafe apps on a device. They often prompt users to disable antivirus software too, which can further compromise the security of a device.

Finally, the way these apps work means any data they collect is particularly vulnerable. Stalkerware users access collected data via a server but they’re usually not the only people able to view it. App developers often have access and if their server is breached, sensitive data can end up in the hands of cyber attackers and phishers.

Consult a security specialist first

Using stalkerware apps can leave your business’s data and information vulnerable to exposure and exploitation. Here at CBSIT, we offer a range of cybersecurity services and solutions and can advise your business on safe app usage and how to keep sensitive company information secure.

Contact us to discuss your company’s security requirements and keep up to date with the latest technology news on the CBSIT blog.