How to Catch Someone Snooping in Your Phone
Snooping on a phone, computer or other mobile-device is not that hard in today’s day and age. Digital communication and cloud-based data transfer is a blessing but a double-edged sword as well. Just as much as a phone can simplify and streamline our lives it also puts our entire identity at risk.
With the right software installed, an attacker will not only be able to find exactly where you are and what you are doing but grab your Facebook and Twitter accounts in the process and stream a video of you eating lunch to his or her friends.
Fortunately, there are many ways how to catch someone snooping in your phone. Here we’ll be showing you what to look for while also explaining how you can play a bit of spy-vs-spy and catch the attacker in the process.
Excessive Battery Use
Tools used to snoop in your phone typically gain access to your entire device. Privileges span everything from attaching to core background process and service, to accessing and logging your screen, keystrokes, microphone and camera. This system-wide operation normally causes far higher battery use than you are used to. Keep tabs on your battery use and which apps are pulling the most power.
If you find that something is using a ridiculous amount of battery, then uninstall it and reinstall it from an official source such as the Google Play Store. Remote toolkits typically bind themselves to apps which are installed and in use on your phone. If you’re not certain and it’s chewing through your battery, then get rid of it and reinstall.
Spiking Data Use
In a similar manner to battery use, spy apps will escalate your data use. Some are set to only upload while you are connected to Wi-Fi, although most run-of-the-mill RATs (Remote access trojans) have no such functionality. Remember that being spied on usually involves capturing images from your front and back cameras, logging all of your messages and voice calls, and possibly streaming your mic and video.
All of this data is then uploaded to a server online or saved on your phone for later uploading. Malicious tools will consume both space on your device and result in massive spiking data usage as all your private data is streamed to your attacker in whichever way they prefer.
As malicious software logs your phone calls, messages and other private data, it causes a great deal of excessive processor usage. This combined with the real-time streaming of your info can cause glitches and faults as well as sluggish performance. If you notice your phone freezing while you’ve got loads of space and no open apps, or if you notice you find yourself switching to accessibility menus and settings pages for no good reason, then someone is probably snooping on you. Check your applications including the ones running in the background and make sure that they are legitimate installs. Any irregularities in operation should motivate you to check your apps, battery and data use to make sure that there is nothing running that shouldn’t be there.
Unofficial Apps & Background Services
A modded game may seem like a fantastic idea giving you not just a pirated-piece of pleasure but also unlocking extra levels and cheats, but it’s not a good idea. Other than being an act of theft, cracked and modded apps and games are normally backdoored with malicious tools design to either spy on you or make your device part of a botnet.
We aren’t all important enough to warrant being spied on directly, but our device and identity is forever invaluable to carrying out digital actions en masse. Once infected you’ll either be handing over sensitive data or silently visiting links, generating traffic and downloading files. Often all of the above is applicable.
Stay away from apps which come from unknown sources and only install software which comes free from warnings. False positives are scarce unless you’re a beta-tester or developer.
Snoop on Yourself
If you are fairly convinced that someone is snooping on your phone and want to see what exactly they are stealing, then try to identify which software they are using. If you can find a surveillance app installed, then you may have no other choice other than to leave it as is and confront the would-be spy. Most tools such as mSpy and FlexiSpy require an administrative password to be uninstalled.
One way to check what information is being stolen from your device is to look in the store locations used by the app used to spy on you. A bit of research will reveal where on your phone’s storage recorded phone calls are kept, messages logged, and other data are held. If you really can’t find what your attacker is looking for like this, then perhaps they’re remotely controlling your device when it’s not in use.
In such a case you can literally spy on yourself using another remote access toolkit to see what they’re doing when you’re not using your phone. Read on.
Checking for and Setting Up a RAT
If your attacker is using an open-source remote access toolkit or one of the many found on hacking forums and message boards across the internet, then it may be easy to find out exactly what they’re spying on you for. As before, try to identify what tool is being used to grant access to your device. Commonly used RATs include AhMyth and Spynote. Once you’ve found which RAT is being used then you need to setup the listening tool on your desktop device.
Alternatively, if you want to spy on yourself viewing what you suspect is being done silently when you’re not looking, then set up and install an open-source RAT or paid surveillance app. While a less-than-legal process, the same illegal software used to infect you can then be set up on a desktop computer or laptop.
Every RAT comes as two parts. You have the server application which has to be installed on your device and configured to a specific port. It is normally a port not used by conventional apps and services. It’ll take some technical know-how, but experienced individuals can then scan your device for which ports are open and in use in order to establish which channel of communications your hacked data is being sent through.
The second component is the client application which remotely accesses the leaked data through the configured port. Setting up the listening tool and configuring and installing the remote access toolkit require a similar level of technical skill. The scary part of the process is that you find many shady characters offering a complete setup-service for these tools. Whether offerings like this can be trusted is a mystery. You may end up being spied on in your act of trying.