What if someone is spying on everything you do with your mobile? We have already seen that it is possible to hack an Android mobile if certain conditions are met, and in most cases, there is no key indication that you can use to determine if they are spying on your mobile or not.
If you suspect that someone may have manipulated your smartphone to spy on you, here is how to discover if your mobile is spying on you as well as what steps you can take to avoid it.
Activate Google Play Protect
One of the first steps used by applications used to spy is to ask you to disable any kind of protection that you have on your mobile. On Android, this is generally synonymous with Google Play Protect, the protection pre-installed on most Android phones.
Many spy apps require disabling Play Protect
The reason is simple: Google Play Protect detects many of these applications as malicious, so it prevents them from working and in some cases, you can uninstall them by yourself. If you suspect that your mobile may have been tampered with, it never hurts to check that Google Play Protect is activated.
To do this, open the Google Play side menu and choose Play Protect. If disabled, a red icon warning you. Tap on it and mark Search device security threats to activate Google Play Protect.
If Play Protect was disabled, it is best to go back to the previous screen and force analysis of installed applications, to detect a possible spy application. To do this, tap on the resume analysis button.
Then two things can happen: that Play Protect says that everything is correct, or that it detects the harmful application and ask you to uninstall it. If this is your case, read on to see what other steps you can take.
Check the installed apps
We are talking here about “walking around the house” espionage, and that generally happens through phishing to trick the user into installing a malicious application, or when the spy has physical access to the terminal to do the installation. For example, your boyfriend or girlfriend is careless.
In most cases, we are not facing hacker typing commands at full speed in a terminal until exclaiming Eureka! and have access to the terminal, but something much more mundane: an app. An app that, like any other, can be located and uninstalled. But it takes a good eye.
Don’t be fooled by generic names like “System Service”, “Play Tools” or “Sys Tools”
The developers of this type of application know that if the application were called a Total Spy Monitor or Hacking Control Panel the user could discover them in an oversight so that they camouflage their names and icons to make boring system icons look like “Sync Services” or “System Service”. Your job is to look closely to find apps that are not what they seem.
In the Android settings, go to the section Applications and wait for the list to finish loading. The operation of this list can change from one Android layer to another, but the most important thing is that the system applications are not shown (which, on the other hand, is the standard behavior).
Now comes the tricky part: reviewing the list. I recommend that you go one by one, checking that you know all the applications on the list and that you have installed them on your own initiative. Spy apps generally hide in boring and generic names, and they usually stay in English.
Now, the list also shows system applications that have been updated, so the review may have its thing. If in doubt, tap on an app to view its information. System apps cannot be uninstalled (only their updates), while apps that pretend to be system apps can.
Finding these phonies is as important as uninstalling any other application that has appeared out of nowhere. Apps change and sometimes get redesigns or even a new name, but it never hurts to do some checking.
A good way to know if an app is who it says it is is to look at where it has been installed.
One simple thing you can check is from where an application was installed if it was from Google Play or from its APK. Since spy apps are not allowed on Google Play, they will generally be installed from outside the store. To see it, tap its name in the application list and search Details of the application, in the information.
Generally, this method will help you to uncover the majority of spy applications that we talked about in our article. It is necessary to pay attention to distinguish what is normal from what is not, but it is not particularly complicated.
Check the apps that use the most battery
Spy on the user all day is hard work that drains the battery, especially those apps that take photos or videos of the user or record their position using the GPS. Although they surely have their own mechanisms to minimize their impact and that it is not very obvious, it is an indication that it can indicate that something is wrong.
To do this, go to the settings and enter Battery usage. The location of this menu changes a lot from one mobile to another, so I recommend that you use the search engine. In pure Android, for example, it is a context menu within the Battery section.
Here once again you must use the critical eye to find what escapes the normal. Be aware that malicious applications frequently disguise his name and icon, so just because it says “Android System”, don’t believe it just because. Tap on the app to see if it is who it says it is. You will know because the system apps cannot be uninstalled.
And let’s not forget the data
In addition to draining the battery, spying on what you do constantly also requires considerable data usage especially if you are taking photos with your mobile camera without your permission or receiving the files you have in the gallery.
To check it, go to Android settings and enter the Use of data, generally hidden within the section of Connections and network. Check the apps that use the most data looking for a suspect you don’t know.
If the spy app is smart enough, you probably wait until you have a Wi-Fi connection to sync the data so you don’t raise suspicions. While some mobiles allow you to see the data usage including Wi-Fi connections, in others there is no option.
If you receive messages by SMS or mail about verification codes or new password requests, it is a good reason to suspect. It is possible that someone has your credentials to access some services, but the system “chive” by sending you an email or asking you to enter a verification code.
Most services notify you if someone tries to log in with your account
Most important accounts such as Google, Facebook, or Twitter notify you by mail when there is a suspicious login attempt. Although it could be someone clueless who has misspelled their phone number, email, or account, it is also possible that it is someone trying to impersonate your identity, especially if it happens to you frequently.
What to do if they are spying on your mobile
Ok, you have discovered that they are spying on your mobile, now what? First of all, remember that spying on a mobile phone is illegal, and therefore you can file a complaint before the police. If it is what you plan to do, the best thing is that you turn off the mobile as-is and take it to the police station as a “test”.
Safe mode is your best ally
If you prefer to do without paperwork or suspect that the spy maybe thousands of kilometers from you and the complaint will not be of much use, the best thing is that secure the ground before continuing to use your mobile.
First of all, restart the mobile in a safe mode. This disables all third party applications and almost certainly will prevent spying from going further. The exception would be if the tool has obtained root access and modified the system from within, although this is not common. You can check if your mobile is rooted in apps like Root Checker.
The idea is to use safe mode to avoid being spied on and to be able to uninstall the applications involved. If you’re not sure, you can always factory reset your phone to make sure no trace remains.
Then it’s time to change passwords of all the accounts you have configured on your mobile. The most important is the Google account, but there could also be Facebook, Skype, LinkedIn, Twitter, and more. Especially important are the credentials of banking applications and apps like Paypal.
To avoid similar situations in the future, it is best that activate two-step verification in all the services you can, and if possible not by SMS code, but with specific applications or by notices. This way, even if someone gets your password, they won’t be able to log into your accounts without your knowledge.
When you have everything under control, it’s a good time to think about how spyware got to your mobile, to prevent it from happening again. Basically two possibilities are considered: that it was done by someone who had physical access to the mobile for a few minutes, or that you did it yourself inadvertently believing that you installed something else. This second is somewhat more unlikely, as you should have manually granted multiple permissions to make it work.