Mobile spyware is a classification of software programs that monitors and records information about an end user's actions without the end user's knowledge or permission. If the end user is aware that monitoring software has been installed, the software is not considered to be spyware.
Like desktop spyware, mobile spyware is often installed unwittingly by the end user when he or she sideloads a third-party software app, visits or is redirected to a malicious website or leaves the computing device physically unattended. Once a mobile device is infected with spyware, the spy can eavesdrop on conversations held on (or near) a compromised smartphone or access data that is stored on or transmitted by the device. Bluetooth also offers a largely unsecured interface that can be exploited by those in close proximity, through techniques like Bluesnarfing. Smartphone accelerometers have been used in keyboard vibration attacks to detect what is typed on a computer with surprising accuracy when the phone was sitting on the desk near the keyboard. Controversially, governments have used mobile spyware to access the data of citizens, notably with the Smurf suite of spyware tools brought to public attention by Edward Snowden.
Antivirus software that includes antispyware protection should be used to find and remove spyware. Although mobile security software exists, many users are lax about installing it. For one thing, phone security solutions use up system resources thereby slowing down other software and consuming power. Furthermore, because the effectiveness of app-based security has often been questioned, users may feel that installing security apps is pointless. To prevent spyware, users should only download software from trusted sources, read all disclosures when installing software, avoid clicking on pop-up ads and stay current with updates for operating system (OS) and application software.