Stalkerware

Stalkerware is monitoring software installed on a phone or computer without meaningful consent, usually to track messages, calls, location, or account activity. It is often framed as "family safety" or "device monitoring" but used in ways that remove privacy and control.

In recovery work, stalkerware changes your risk model because normal device actions can alert the person monitoring you. The priority is safety, evidence quality, and control of your core accounts.

Why stalkerware matters for account recovery

When monitoring software is present, attackers can see reset links, one-time codes, and security notifications. That means password changes alone may fail if the same compromised device remains in use. In sensitive cases, starting recovery from a separate trusted device is safer than making visible changes on the monitored phone.

Safety note: If you believe someone close to you is monitoring your device, treat physical safety as part of cybersecurity. Sudden changes can escalate real-world risk.

Common failure modes and misconceptions

• "My battery is draining, so I must be hacked": battery drain alone is weak evidence. Look for unknown monitoring apps, suspicious permissions, and account alerts.
• Confusing work policy with abuse: managed devices can legitimately collect telemetry under workplace policy. Unexpected personal monitoring is different.
• Confronting early: confronting a suspected person before securing accounts and planning safety can increase risk.
• Factory reset first: reset can remove software, but it can also remove evidence and does not fix compromised email or phone-number recovery paths.

Safe best practices

• Use a separate trusted device to secure your primary email, Apple ID/Google account, and financial logins.
• Review high-risk permissions first: Accessibility, notification access, device admin/management, and unknown VPN settings.
• Document suspicious behavior before major changes when it is safe to do so.
• Use official platform safety resources and local support services when personal safety is a concern.

Related terms

• Mobile Device Management (MDM)
• Configuration Profile
• Sideloading

Related guides

• How to check if your phone is hacked
• Been hacked? What to do first
• How to check if you've been hacked

The strategic move is to secure control-plane assets first (email, phone number, identity account), then clean the device. That order prevents a common loop where monitoring persists and recovery keeps failing.