What Is A Spyware? How To Protect Your Phone From Spywares Like Pegasus?

by Shatakshi Gupta

In a report by Amnesty International, the Indian government had allegedly used an Israel-based company’s spyware to conduct surveillance on political leaders, journalists, constitutional authorities, and its leaders as well.

The aforementioned software is so advanced that it can get activated on an individual’s phone simply through a missed call. Once activated, it can copy and transfer all the activities of the mobile phone owner to the company’s server.

After this, you must be intrigued to know about this and what to do to protect your device and privacy from such surveillance. In this article, we will discuss such questions.

What is spyware and who uses it?

Spyware is software or malware designed to spy on someone. These are used to collect information from a computer, phone or any other device. Spyware is generally simple software that exploits common security vulnerabilities in gadget software, but few Spywares are extremely sophisticated, exploiting vulnerabilities in computer coding. These weaknesses of computer coding are called unpatched software. Such spyware also preys on the latest mobile phones with advanced security features.

Also read: Android Users Beware, Fakesky Malware is Back and is Dangerous Than Ever Before

Where is it mostly used?

The most sophisticated spyware in the world is usually used by security or intelligence agencies. These software are so expensive that usually, only governments could afford them. It has long been suspected that terrorist groups and criminal gangs also have access to spyware.

How dangerous are these spywares?

Sophisticatedspyware can steal almost every singlepiece of information on your device. It can listen to real-time phone calls. It can read emails, social media posts, call logs, end-to-end encrypted messages like WhatsApp or Telegram. Along with the location of the user, it can also tell whether it is moving or stopped.

It can extract contacts, usernames, passwords, notes and documents from the phone or SIM, as well as photos, videos and sound recordings. Some spyware can even trigger the camera and microphone of your smartphone or smart device.  During this, recording starts without waking the screen or knowing in any other way. Broadly speaking, spyware can do everything a user can do with their device. Some spyware can even send files to other devices without being detected.

What is a zero-click attack?

 Pegasus spyware has now surpassed the phishing message trick to break into your smartphone or smart device. Pegasus’s modern attack doesn’t send a link or message that, when clicked, enters the malware into your device. In the new method, it does not require any action from the device user. That is, the user does not get missed call, message or link in any way.

This technique of attacking spyware is called a zero click attack. In such a situation, it becomesalmost impossible to detect or prevent any attack in time.

How one can know if his/her device contains spyware?

It’s almost impossible to know, malware is designed to work stealthily and cover its tracks. So the best way is to protect yourself.

Also read: After Pegasus Controversy, India Needs A Robust And Reformed Surveillance Framework

Almost everyone’s smartphone is vulnerable, although most common people’s smartphones are less likely to be targeted. Criminal suspects and terrorists, journalists, human rights activists, politicians, diplomats, government officials, business leaders and relatives and associates of VIPs are usually the targets of such Spywares.

How to protect the phone from any such spyware?

There are some basic rules of cybersecurity to protect your device. Always keep these points in your mind to avert any cyberattack.

  • Keep your device and software up to date. For this, go to your settings and activate automatic updates.
  • Devices older than five years are at higher risk of becoming a victim of such spyware attacks. Especially if they are running on an older operating system.
  • Use a unique hard-to-guess password for your device, site, and each app. Don’t use passwords based on your phone number, date of birth or pet names that are easy to guess.
  • Wherever possible, enable two-factor authentication.  Such sites will ask you for another code along with your password. These passwords are either sent over the phone or will be received through a separate authenticator app.
  • Do not click on links or attachments sent by strangers.
  • Whenever possible, activate disappearing messages or other such settings so that messages or other communications automatically disappear after a certain amount of time.