All a sinister person needs to do to spy on you is to simply penetrate your smartphone or tablet.
OF late, spying has been a household word after revelations of Prism, a clandestine mass electronic surveillance programme operated by the United States National Security Agency (NSA), by former NSA contractor Edward Snowden.
But one does not need an entire state programme to spy on someone.
All that a sinister person needs to do is to penetrate their intended victim’s smartphone or tablet. Which is quite an easy thing to do, actually. One of the common methods used is spyware.
Such spyware can easily be found by searching on Google although they are usually not free.
This is what happened when a husband in Singapore suspected his wife of having an affair. On the pretence that his phone was not working, he borrowed his wife’s phone to make a call but instead installed a spyware app.
The husband was then able to see the calls made (but not hear the actual conversation), messages sent and her location at that point, from a computer using a Web-based application that communicated with the app.
When the information confirmed that she was having an affair, he continued to monitor her phone for some time before posting the information online, including the messages she sent to her “lover”. He did not reveal any personal details about themselves but this is how the news became public.
However, many have questioned the authenticity of the story, with some brushing it off as a publicity stunt to sell the spyware app.
Nevertheless, it pays to be safe, as there are apps that can do such things and they are easily obtainable from the Web.
“Mobile phones are an integral part of consumers’ lives, with two thirds of adults worldwide reporting that they use a mobile device to access the Internet,” says David Hall, senior manager of regional product marketing for Norton at Symantec Corporation.
“As we use our mobile phones in new and innovative ways, we’re also putting sensitive information at risk.”
“Spyware is a type of malware (malicious software) that logs information and then forwards that information from your device,” explains Rob Forsyth, director for Asia Pacific at Sophos Ltd.
Usually, such spyware is capable of operating quietly in the background so it can easily go unnoticed by an unsuspecting device owner.
“For a regular user, it is very difficult to figure out that they’ve been infected,” says Goh Su Gim, security advisor for Asia Pacific at F-Secure (M) Sdn Bhd. “There’s no obvious signs.”
In fact, it may surprise you to know that such threats could actually come from a source that’s known to you.
“There is a possibility that consumers might download spyware from an identified party such as their spouse, friends, colleagues, business associates or from an unknown source accidentally,” says Goh Chee Hoh, managing director for South-East Asia at Trend Micro Inc.
As an example, he describes a mobile phone monitoring service which uses Nickispy, a family of viruses that attacks Android devices). It is said to be capable of monitoring a mobile user’s activities and whereabouts. The Chinese website which offers this service charges subscribers fees costing US$300 to US$540 (RM900 to RM1,620).
“This spyware sends MMS to the victim’s mobile device. Once the MMS is downloaded, the cybercriminal is granted access to your line of communications,” Chee Hoh says.
This security issue is further compounded in cases where a consumer uses the same device for both work and personal purposes.
“From a personal user’s standpoint, one can experience loss of privacy whereas from a business perspective, an organisation may lose sensitive data which can lead to loss of revenue,” he explains.
Had such an act been committed in Malaysia, it would go against Section 231 of the Communications and Multimedia Act 1998. Using an app to obtain information from another person’s phone can land the offender a RM50,000 fine or a prison term not exceeding two years if convicted.
The Malaysian Communications and Multimedia commission (MCMC), our multimedia industry nurturer and regulator, also said that it does not act alone when pursuing offenders.
“We look at each case individually and help other agencies like the police, for example, when upholding the law,” said Sheikh Raffie Abd Rahman, MCMC head of strategic communications.