Browse Definitions :
Definition

mobile spyware

Mobile spyware is a classification of software programs that monitors and records information about an end user's actions without the end user's knowledge or permission. If the end user is aware that monitoring software has been installed, the software is not considered to be spyware. 

Like desktop spyware, mobile spyware is often installed unwittingly by the end user when he or she sideloads a third-party software app, visits or is redirected to a malicious website or leaves the computing device physically unattended. Once a mobile device is infected with spyware, the spy can eavesdrop on conversations held on (or near) a compromised smartphone or access data that is stored on or transmitted by the device. Bluetooth also offers a largely unsecured interface that can be exploited by those in close proximity, through techniques like Bluesnarfing. Smartphone accelerometers have been used in keyboard vibration attacks to detect what is typed on a computer with surprising accuracy when the phone was sitting on the desk near the keyboard. Controversially, governments have used mobile spyware to access the data of citizens, notably with the Smurf suite of spyware tools brought to public attention by Edward Snowden.

Antivirus software that includes antispyware protection should be used to find and remove spyware. Although mobile security software exists, many users are lax about installing it. For one thing, phone security solutions use up system resources thereby slowing down other software and consuming power. Furthermore, because the effectiveness of app-based security has often been questioned, users may feel that installing security apps is pointless. To prevent spyware, users should only download software from trusted sources, read all disclosures when installing software, avoid clicking on pop-up ads and stay current with updates for operating system (OS) and application software.

This was last updated in July 2016

Continue Reading About mobile spyware

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • private key

    A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt ...

  • DOS (disk operating system)

    A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular ...

  • security token

    A security token is a physical or digital device that provides two-factor authentication for a user to prove their identity in a ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • What is RAID 6?

    RAID 6, also known as double-parity RAID, uses two parity stripes on each disk. It allows for two disk failures within the RAID ...

  • VRAM (video RAM)

    VRAM (video RAM) refers to any type of random access memory (RAM) specifically used to store image data for a computer display.

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

Close