Fans are probably getting ready to watch You season 4 part 1 as it finally premieres on Netflix. Since its launch in 2018, millions have been following the romantic exploits of serial killer and stalker Joe Goldberg.
Girl after girl, or, more accurately, obsession after obsession, Joe's playbook has always been the same: extracting as many details as possible from his victims' digital lives, no matter if it's public or private.`
Unfortunately, this doesn't just happen on TV.
Experts are now worried that viewers might normalize, or worse, see digital stalking as sexy. Spoiler alert: it's not. It's quite the opposite, and cyberstalking is a growing issue affecting both today's online and offline world.
"It is important that we do not romanticize the behavior as seen in You, but instead denounce it for what it is: stalking," said Christina Jankowski, Senior External Relations Manager at security firm Kaspersky. "Regardless of whether it is happening online, digitally stalking and stalkerware is a form of violence."
Kaspersky is, in fact, one of the nine members that founded the Coalition Against Stalkerware in 2019. With their work, the group seeks to both raise awareness about the issues as well as equip victims with technical tools to help fight back digital stalkers.
On a serious note.. #Stalkerware threat is still there❗These apps can:⚠️Read texts, socials DMs, and so on..⚠️View contact lists and call histories⚠️Track victims’ locations⚠️Collect data from calendars⚠️View photos stored on phones👉https://t.co/SZdoufuwTF#younetflix pic.twitter.com/cNlWrOuCDMFebruary 9, 2023
The rise of cyberstalking
As we spend more and more time online, the potential for falling victim to cyberstalking is only rising.
Cyberstalking as a social issue hit the spotlight around 2011. At the time, evidence was already suggesting how the online practice was already more common than face-to-face. In 2017, Pew Research Center found that around four in ten Americans personally experienced online harassment, with 62% considering it a major problem.
Digital technologies arm stalkers with many different means to prey on their victims. These include persistent contact on social media, email, texts and calls, the disclosing of victims' private information (doxing) or pictures (revenge porn), as well as invasive apps used to snoop on private phone calls, texts and virtually anything else people do on their phone.
The latter are especially dangerous as they can easily turn into a threat for the offline safety of the victims. Even worse, as they run hidden in the background, victims are usually completely unaware that it's happening.
Spyware is a type of malware (malicious software) which collects personal information or logs keystrokes. The Pegasus scandal, for instance, revealed the increasing danger of authoritarian governments using such apps to snoop on activists and journalists across the world. In that case, simply answering a call was enough to have the phone infected.
Stalkerware is software that allows someone to spy on everything others do on their mobile. Unlike spyware, these apps aren't characterized as malicious. They are rather easier to download and use, meaning that anyone can purchase this invasive application to stalk a partner or stranger.
According Kaspersky's data, more than 29,000 people had their digital lives tracked by stalkerware in 2022. The UK sits in the top 10 list of the most affected nations, the 4th in Europe with 313 cases.
"This is right after France (365), Italy (405) and Germany (736)," said David Emm, Principal Security Researcher, Global Research and Analysis Team at Kaspersky.
At the same time, the Coalition Against Stalkerware estimates that such software could be responsible for something close to a million stalking cases across the world every year.
But, as Jankowski reminded: "There are real-life stories behind the numbers of those affected which is why it is important to take active action against it."
Fighting back against stalkerware
While any form of digital stalking has a profound impact on victims' lives, stalkerware is arguably the most invasive and dangerous way to strike.
"Most people still don’t protect their mobile devices like they do their desktops, which in turn makes it less likely that stalkerware will be noticed and much easier for it to be installed without a person’s consent," said Emm.
"Stalkerware is the digital tip of the much bigger domestic violence iceberg and, as such, it’s often the enabler of a much bigger crime."
That's why Kaspersky, together with nine more other companies and organizations, founded the Coalition Against Stalkerware in 2019. Its mission is quite ambitious: improving the detection of stalkerware, combat domestic violence, promote knowledge sharing, and raise public awareness about the issue.
In aid of this, Kaspersky has developed TinyCheck, an untraceable and free open-source tool to scan a device to detect stalkerware and other monitoring apps without alerting the perpetrators.
Today, more than 40 members across the world make up the Coalition. These include some of the biggest security companies and groups - Tor, Malwarebytes, Norton, Avast, and more - digital activists and advocates such as Electronic Frontier Foundation, as well as organizations fighting violence against women like WESNET.
How to protect yourself against digital stalkers
As we have seen, digital stalkers like Joe from You now have tons of ways to carry on their stalking campaigns while leaving their victims in complete darkness.
As a rule of thumb, we suggest limiting the amount of personal information shared online. Strong passwords all round and things like multi-factor authentication should help, too. Software like the best password managers can be of use here.
When it comes to the most invasive stalking practice, Kaspersky has put together a series of recommendations to help users protect themselves against stalkerware on mobile devices:
- Secure your smartphone with a strong password: this should never be shared, no matter if that's with a friend, partner or colleague.
- Regularly check all installed apps' permissions: stalkerware apps might be hidden behind a fake name.
- Delete unused apps: again, among these might be invasive monitoring software.
- Review browsing history: stalkers may visit some websites to download the stalkerware, and/or erase all the history without the phone's owner knowing.
- Use reliable security software: Kaspersky and all the best antivirus software around, for example, offer solutions to scan and block trackers, malware and other monitoring apps. The best VPN services can also help users to better protect their overall privacy online.
We also suggest looking out for unusual behavior on your device, as this might be a symptom for infection. This includes faster battery drain or a sudden increase in data consumption.
"Unlike a computer virus that can be detected, quarantined, and eliminated, what makes cyberstalking complicated is the inability to simply rip it out once detected, as the perpetrator would be alerted: this would potentially put the victim in danger," explained Emm.
That's why, in case evidence of active stalkerware has been found, Kaspersky invites victims to reach out to a local support organization instead as soon as possible.
"Kaspersky will continue to offer its expertise and services across its network of international working groups – the most recent being the CONSENT EU project, running from February last year until January 2024 – as well as leading UK university researchers."