What Is Spyware?

Spyware is a type of malware, also known as malicious software, that is installed onto a victim’s device without them knowing. When spyware is installed it can spy on the victim and gather sensitive information such as passwords and credit card numbers, and then send that information to a cybercriminal to use for their own malicious purpose.

Get Protected Now

How Does Spyware Work?

Spyware collects information from the victim’s device and transmits it to the cybercriminal using the device’s internet connection. Depending on the type of spyware, it could conduct different attacks. Actions that spyware are capable of include recording the victim’s keystrokes, accessing the device’s camera and microphone to watch and listen to the victim, or recording the victim’s browsing history.

Once the cybercriminal gets the victim’s data, they will use it for malicious purposes. They may sell it on the dark web to other cybercriminals who use the data to take over your accounts, steal money or commit identity theft. Other types of spyware are used for political purposes – collecting intelligence that can be used by a government or political organizations to strategize in conflict.

Because spyware takes up space and energy on your computer, an infected device may experience performance issues, such as slow speed, low battery life and glitchy applications.

How Does Spyware Work?

Types of Spyware

Keyloggers

Keyloggers

A keylogger is a type of malicious software that gets installed onto a victim’s device and logs every keystroke that the victim makes. Examples include Advanced Keylogger and Go Keyboard. One major use case for this type of malware is to steal credentials. For example, a victim could be logging in to one of their accounts and manually typing in their password. If there is keylogging software installed, the cybercriminal will be able to know what their login credentials are because they have the ability to track their keystrokes.

Adware

Adware, short for advertising-supported software, is malicious software that is secretly installed onto your device and displays unwanted pop-ups and advertisements. Depending on the type of adware installed onto a victim’s device, it can also sometimes track online activity and display personalized advertisements.

Clicking on adware may redirect you to an unsafe site, trigger malware infections or even install additional programs onto your device.

Adware
Government-grade spyware

Government-grade spyware

Government-grade spyware, like Pegasus, is an advanced cybersecurity product developed by legal security and defense companies. It is sold with the intent of fighting crime or terrorism, however is often abused and used for malicious purposes. It’s similar to stalkerware in that it has multiple capabilities, like reading texts, recording phone calls, collecting keystrokes and location tracking.

Stalkerware

Stalkerware, such as FinSpy, is surveillance software used to engage in illegal cyberstalking. With multiple surveillance abilities, stalkerware often goes beyond keylogging. This software can often access a device’s camera and microphone or take screenshots of what the user is doing.

Stalkerware

How Devices Get Infected With Spyware

Trojans

Trojans, also called trojan horses, are a type of malware that is hidden in email attachments or downloaded from websites. The victim thinks they are downloading a particular app or file and doesn’t realize that trojan malware is hidden in the download file. When trojans are downloaded onto your device they do whatever the cybercriminal has engineered them to do, which can include spying on you. Downloads on torrent sites or other unofficial sources are more likely to have trojan malware hidden inside.

Downloading an app from an untrusted source

Installing apps from untrusted sources can lead to your device becoming infected with spyware. When you download an app from an untrusted source, it's difficult to tell if the app you're downloading is legitimate because it hasn't been verified by a legitimate app store like the Apple App Store or the Google Play store. Unverified downloads can contain trojans or could be malware without the desired file included at all.

Clicking on a malicious link

A malicious link is a link that does not redirect you to a legitimate site. Oftentimes, malicious links are hidden behind a legitimate-looking link, but upon close inspection, you’ll notice that the actual website address is slightly incorrect. For example, a cybercriminal can make a link look like it’s taking you to Facebook.com, but hovering your mouse over the link will reveal that it’s actually taking you to a website address that says “Faceb0ok.com” with a zero instead of an “O.” Clicking on a malicious link may redirect you to a spoofed site or trigger a malware infection, such as spyware.

Spoofed sites

A spoofed site is an illegitimate website pretending to be a real, popular website. A fake link in an ad or email could lead to a spoofed site. For example, a cybercriminal could set up a fake site that looks exactly like the official App Store and link to it in a fake Apple ad. Because the website looks official, the victim may trust that the downloads are safe. However, the spoofed site will contain unsafe downloads with malware.

Phishing

Phishing is a cyber attack that uses social engineering tactics to convince a targeted victim to reveal sensitive information or perform certain actions. For example, a phishing email sent to a victim may prompt them to click on a link or attachment. When the victim clicks, they may trigger a malware infection that installs spyware onto their device.

Someone installing it on a victim’s device

If someone wants to target a particular victim specifically, they can secretly install spyware on their device. This can be done manually or through a WiFi network. Someone who does this may have personal reasons for attempting to cyberstalk the victim, could have political motivations or be targeting a victim for identity theft.

How to Detect Spyware

Your device is running slower than usual

Your device is running slower than usual

If you notice a sudden decline in how your device is running, it may be a telling sign that your device has spyware or other malware installed on it.

Your camera's light indicator is on when not in use

Your camera's light indicator is on when not in use

Most device cameras have a light indicator to show when your camera is being used. If you are not using your device’s camera but notice that this light is on, it’s likely that your device has spyware installed and you’ll need to take the appropriate steps to remove it.

You notice frequent pop-ups on your device

You notice frequent pop-ups on your device

If you start noticing an unusual amount of pop-ups appearing on your device, especially when using your web browser, this is also a telling sign that your device has spyware or other malware installed on it. These pop-ups may display inappropriate content or contain urgent messages that say your device is infected with a virus.

You notice new apps or browser extensions you didn't install

You notice new apps or browser extensions you didn't install

New apps or browser extensions appearing on your device, that you didn’t install, may also indicate that your device has spyware on it. Most likely, these new apps and browser extensions are the spyware itself and you should delete them as soon as you notice them.

Run antivirus software on your device

Run antivirus software on your device

While the above are signs to look out for that indicate your device may be infected, the true way to know if your device is infected is to run an antivirus software program like the ones sold by Avast or McAfee.

How to Remove Spyware

If you suspect there is spyware on your computer, you should disconnect your device from the internet to prevent the spyware from transmitting further information to the cybercriminal.

You can remove some spyware by manually deleting files, but other types of spyware are sneakier than that and can hide files that are hard to find. In order to ensure your device is clean, you should use reputable antivirus software.

The antivirus software will scan your entire computer for spyware or other types of malware and automatically detect, quarantine and delete it. If you keep the antivirus running on your device, it will scan new files as they arrive and prevent spyware from causing performance issues or transmitting private data.

How to Remove Spyware

How to protect your iPhone or Android from spyware

Keep your phone's operating system updated

Operating System (OS) updates often contain security patches that patch known vulnerabilities. When a new update becomes available and isn’t installed, it opens a back door for cybercriminals. These flaws essentially act as holes that can make it easier for cybercriminals to infect your devices with all types of malware.

Use a password manager

Password managers are convenient apps that securely store your passwords and other sensitive data. When logging in to your accounts, a password manager can autofill your credentials for you. In the case that your phone was infected with spyware such as keylogging software, it wouldn’t be able to track your login credentials, since a password manager autofills this information without you having to type it.

Only download from trusted app stores

When downloading new apps, only stick to downloading them from trusted app stores such as Apple’s App Store and the Google Play store.

Limit app permissions

Your apps should only be allowed a limited amount of permissions. For example, if an app is unnecessarily requesting access to your camera, always deny it.

How to protect your computer from spyware

Keep your computer's software updated

Keep your computer's software updated

Software updates issued by developers usually contain security patches for known vulnerabilities. These vulnerabilities include gateways for spyware to be installed on your computer. Your browser is especially important to keep updated in order to prevent malware infections.

Only download software and media from trusted sources

You should avoid torrent sites and other unofficial sources for software downloads. Unofficial sources are likely to contain spyware or other malware bundled with the desired download. Getting spyware on your device is not worth the money saved.

Only download software and media from trusted sources
Don't click on unsolicited links or attachments

Don't click on unsolicited links or attachments

If you get an email you didn’t expect or a strange pop-up ad, resist the urge to click. This could be a phishing attempt or it could lead you to a spoofed website with spyware. Check if a link is safe before you click it.

Store your credentials in a password manager

Password manager autofill features are not only convenient, but they can protect you in unexpected ways. Since you aren’t typing in passwords manually, it can block keyloggers from obtaining your credentials by recording keystrokes. Autofill will also only work on official sites – so if you are on a spoofed site, the autofill not working signals that you’re not where you think you are.

Store your credentials in a password manager

Stay Protected From Spyware With Keeper

Discover for yourself how Keeper Password Manager can keep you safer as you browse the internet.

Get Protected Now
Chat
close
close
English (US) Call Us