mSpy app lets someone remotely snoop on you through your phone or tablet

Filed Under: Data loss, Featured, Mobile, Privacy

mSpyWe all know by now that the US's National Stalker Agency - oh, excuse me, I meant to say National Security Agency (NSA) - eavesdrops on just about everybody on the planet.

Evidently, the UK is no better.

But surveillance by your own mother?

Nothing is sacred.

At any rate, that's the takeaway you get after an eyeful of the mSpy application.

mSpy is a mobile surveillance application that runs on smartphones and tablets including iPhone, Android, BlackBerry, Symbian, iPad and Galaxy Tab devices.

Its marketing promises that users who install it on their phones can "remotely spy on text messages, call logs, and emails; track location, record surroundings, and more on smartphones and tablets."

Not only that, it stealthily keeps tabs on calendar information; records conversations; determines GPS coordinates of the phone and shows the location of the target device on a convenient map.

Is that legal, you say?

Hahahahahahahahahahahaha! What an adorable question.

But yes.

Yes, it is legal, as long as the "target" is a child or an employee and the surveillance operator has informed the "target".

From the company's disclaimer:

My Spy (mSpy) is designed for monitoring your children, employees or others on a smartphone or mobile device that you own or have proper consent to monitor. You are required to notify users of the device that they are being monitored.

Its maker claims that the app is 100% undetectable by the device user, as a sale rep told The Next Web:

After complete installation the application runs in a stealth mode, so it is undetectable and completely invisible for the target phone’s user.

Physical access is required to install mSpy - which takes about 20 minutes - but not after that.

Spy. Image courtesy of Shutterstock.Your mom, your dad, your boss, or any random, creepy friend or stalker who got his or her hands on your mobile phone can remotely tweak the application's settings at any time with a convenient control panel on any internet-enabled device.

If you find a shiny new gadget under the Christmas tree in December, you may well ponder whether your benefactor has slipped you an mSpy.

Here's what the company says about determining whether somebody's installed mSpy on your gadget:

It's impossible.

Unlike other software of this kind, mSpy manages without SMS commands that appear in the message folder of the target mobile device to make the application work. The size of the activity data that gets uploaded to the server never exceeds 100kb and doesn't get noticed by the owner of the target phone when their phone bills arrive. Moreover, the mSpy application boasts a battle-tested history of insignificant battery power consumption so that the target device works as usual. Thus, it is virtually impossible for the owner of the target phone to detect the mSpy software as it can be controlled online without conspicuous connection between the server and the target phone.

Are there legitimate reasons to conduct surveillance on people?

Of course. Data leakage from corporations is one such.

Employers who choose to do so should heed the company's advice on the matter, though:

Using the mSpy cell phone tracking software for spying on employees suspected of company theft, fraud or lying is absolutely legal. Companies also have a legal right to monitor phones used in the course of conducting company business to ensure the devices are not being misused. Companies are obliged to notify employees on what type of cell phone usage is deemed acceptable. Please note that by informing staff before installing mSpy on their phones, and by having them accept this as part of using the company-owned devices you will ensure that the company will not run into any legal problems.

When it comes to monitoring employees, the buck doesn't stop here with mSpy - it stops with the employer.

Like mSpy advises, employers should make sure they inform employees regarding what's considered to be appropriate mobile device use for their role. Informing staff that they're being monitored is also a prudent thing to do.

But what about monitoring children? Parents, do you already? If not, would you? If yes, then do your kids know they're being monitored?

I wouldn't do that to anybody, and the NSA doesn't share with the likes of me, so you're just going to have to tell us your thoughts in the comments section below.

Image of spy courtesy of Shutterstock.

, , , ,

You might like

39 Responses to mSpy app lets someone remotely snoop on you through your phone or tablet

  1. Sean · 672 days ago

    "It's impossible" to detect? Challenge accepted.

  2. RichardD · 672 days ago

    If you are "required to notify users of the device that they are being monitored", then why should it be "undetectable by the device user"? If the user knows they're being monitored, then there's no point in hiding it from them.

    It's almost as if they're suggesting you can monitor people *without* their knowledge or consent, and only added the "please tell them" line to appease their lawyers.

    • Lisa Vaas · 671 days ago

      I believe that the correct legal terminology for the recommendation that targets be notified prior to software installation is "let's cover our ass."

    • OK I'm late to the party here, but their is a use case for both legal monitoring and it being "undetectable" so long as it's "undetectable" so it irremovable.

      However my guess is the company is trying to cater to... shall we say two markets...

  3. Ralph Haygood · 672 days ago

    Okay, you asked what I think of this, so here it is: BLECH. I hope not only Sophos but every other such system recognizes this atrocity as malware.

  4. Caroline Jones · 672 days ago

    I doubt the legality of using this app in the UK to spy on another person. If the activity takes place in the UK, a person would be entitled to claim a breach of Article 4 of the Human Rights Act 1998, the right to respect for private and family life. Employers and others should be very wary of breaching the law in this respect.

    • NoSpin1600 · 672 days ago

      I do not live in the UK but would the law apply if the employer owns the device being monitored and has an acceptable use policy in place?

  5. NoSpin1600 · 672 days ago

    Really, you have to notify your child that you are running the app on their phone that you pay for?

    • Anonymous · 671 days ago

      if its your phone - you have to notify yourself - if they want to borrow 'your' phone, they accept its liabilities.

    • Carmine Garnaggio · 657 days ago

      Right! - I gotta say, I agree with the implied statement - my kids - my right to know. Don't think so? If I'm letting them use my car, I'm liable for their irresponsibility. I bought the phone for them, I put it on before I give it to them. Period.

      • Tamara · 513 days ago

        And if someone is on welfare you should be able to look into their private bank accounts and monitor/ control every penny they spend too? Would that then extend to the government, who is keeping track of the economy, monitoring how YOU spend/ save every penny in order to protect the (now struggling) economy (you're a citizen in their country benefiting from their governing/ services, even just by living there so they may claim the right to do this eventually. They fix the roads, for instance which is a public tax paid service)? Just because you spend money on something doesn't mean you can violate the rights of the person who received the money/ item/ service... There are huge privacy concerns here. you cannot violate other people's basic rights under any circumstances... The minute people make excuses to violate one persons, it extends and expand to eventually include everyone. Those rights are there for a reason, and are being eroded on a massive scale now, all over the world. It is getting dangerous and ridiculous and I refuse to put up with it on my end.

        • Anonymous · 117 days ago

          I absolutely agree! People love to get on the band wagon about those receiving some kind of social security and are happy to see various human rights given away in exchange for getting that assistance. In reality however, everyone is making use of the tax-paid system - roading, education, etc. and indeed, in the process rights ARE given away. What education people's kids are receiving, the content of the 'messages' they're receiving - we Big Daddy government is paying, so Big Daddy says what gets taught. All sorts of compromises to basic human rights and freedoms are going on in the name of 'protection' and 'for the greater good'. Bah! Wake up people, do you want to have your life run for you?

  6. Art · 672 days ago

    A couple of things...
    1. I could not find anywhere on the mSpy website where it said that physical access to the phone was required (I might have missed it) but did find in the FAQs the implication that the 'spyer' could download it from their computer to someone's phone. This isn't good!
    2. It's a subscription service where all the data goes thru the mSpy servers. The subscription is a bit pricy at $40/month/phone for a basic home service. This would probably leave folks who want to play in the dust.
    3. One of the 'testimonials' was from a woman who spied on her fiancé and found he was cheating on her. Do you suppose he gave her permission to install this on his phone? Bet not!
    Regardless - thanks for the article, it's interesting. I'll be sharing.

  7. Title · 672 days ago

    Name one government spy agency that does not collect data of any type on it's citizens.

    I personally think it is fine to put this program on your child's cell phone, as long as you let him/her know that it is monitored. Most kids won't care as long as they have a cool phone + cool app(s) of the moment.

  8. Anonymous · 671 days ago

    I am an iOS software developer. I am very skeptical of mSpy's claims of an app that can run, undetected, on a user's iPhone and monitor their use of the device. Apple has built iOS so third party apps run in a "sandbox", and don't have access to the activities of other apps. They also don't have the kernel-level access that would be required to monitor system activity. The only way I can think of that this would be possible is on jailbroken devices, and you can't hide the fact that a device is jailbroken. Jailbreaking requires the knowledge and active cooperation of someone with the device's password, and changes the way the device operates in very obvious ways.

    Rooting an Android device without the user's knowledge might be possible. I'm less knowledgeable about that platform.

    • ngyikp · 671 days ago

      According to the article on The Next Web:

      "Thankfully, the app requires physical access for installation. The iOS version requires that the client device is jailbroken, and it isn’t currently compatible with iOS 7 and recent versions of iOS 6 (6.1.3 and 6.1.4)."

    • Lisa Vaas · 671 days ago

      Thanks for your input. I would be interested to hear how this app might be detected by a layman who doesn't have iOS development chops. Then again, I'd also be interested in hearing how it would be detected by somebody who *does* have iOS development skills. Might you expand on your comment?

  9. Will · 671 days ago

    1) If it's an app, then how does it get installed on an iPhone without jailbreaking. 2) Within 48 hours of this article there will be an easy to use detection app, procedure or test that will be created by someone who despises this sort of thing. Wish it were me, but I don't have the skill.

  10. Jose · 671 days ago

    Who would like to install such a thing? Who knows it may be already installed and part of the OS :-) on our devices that 's why is not detectable By the way something that can monitor all your activity on the net is called ?

  11. Tom · 671 days ago

    I think that using it as parental control is actually justified. Do you know any other phonesspy software? mSpy is a bit expensive I think.

  12. WSG · 671 days ago

    It installs via a malicious link that is accessed via a web browser on the targeted device.

    Their "compatibility" page states that the target iOS device must be jailbroken. It also doesn't currently work on iOS 6.1.4, 6.1.5 or 7.

  13. Clemens · 636 days ago

    Just found this article, so a late-for-you-but-not-for-me comment:

    I am really a bit confused about the statements trying to justify using such an app as employer or parent.
    At the end, IT security tries to make privacy possible. But if already some Sophos readers tend to give up privacy for the sake of questionably justified control, then where is the rest of world heading to?

    What for would an employer need total transparency about what an employee ever used his/her smartphone? If you don't want loose confidential data, than better protect them at the source. Putting all this information onto mySpy's server is probably the first step towards total leakage.

    Why on earth do you need to "spy on text messages, call logs, and emails; track location, record surroundings, ..." for executing parental control? Would you want your parents do that to you?
    Your adult now? Do human rights depend on age?

    BTW: I do not believe the stealthy claim. Nevertheless, it is interesting how this obviously malicious may-be-property is good for marketing, just by sounding quite jamesbondish.

    • Human rights I agree to - Life, Liberty, and the Pursuit of Happines. Several civil rights do have an age factor.
      I do not allow my child to smoke or drink, nor is she legally allowed to vote, drive, serve in the military, or sign contracts at the age of 12. As for rights on the device, it is understood in our family that the devices belong to us parents, and are not part of personal property.
      Her privacy is based on trust and understanding of where the limits are - in advance. When she is of an age to pay for and maintain her own phone (likely 16-18), it will her device and not mine. As for if she chooses to remain on my phone during such time, yes she will be reminded again of the apps one the device and the lack of familial privacy on the account.
      This is a communication device, not her personal diary.

  14. Angeline · 598 days ago

    Installed it, never worked and they refuse to refund.

  15. ff · 578 days ago

    how do you remove it if you have it

  16. Annie · 558 days ago

    If I am in the United States and my bf is in the uk can he see my phone calls through the mobile spy app

  17. Anonymous · 545 days ago

    How would you uninstall this if you feel someone has done this to stalk you?

  18. Laura · 507 days ago

    Yes, my 11 year old daughter and I think her phone has this my spy wear installed on it, to control her and to keep tabs on me( his ex)!
    If someone knows how we can fool this app or help it be incorrect to the spy( dad). Please let us know! It's a twisted way to try to control others .
    Trust is earned, being fearful is just plain scary and creepy.

    • Anonymous · 498 days ago

      Laura, I would assume if you erase the phone (bring it back to the original state) then every app, including this one will be erased. Just to make sure, I would change the password on the google account as well that way it could not be installed remotely.

  19. anonymous · 497 days ago

    Well, the worse possible abuse of this app has happened to my daughter who recently broke off her engagement to a police officer no less. Between breaking off the engagement and moving to Seattle he installed this app and has been tracking/stalking her every move. This app can and will be abused in endless ways by people who lack scruples, even people who have taken an oath to protect us.

  20. Anonymous · 489 days ago

    I have a question if you do a factory reset would it be removed then?

  21. Nobody · 441 days ago

    I think it's boss's obligation to inform the employees of their being monitored. When I was told that my working phone is installed with iKeymonitor, I expressed my understanding even if I feel a little bit uncomfortable! If I found the fact by myself I'll be very angry and I think I can prosecute my boss!

  22. Anonymous · 436 days ago

    Great, install something like this on your phone. If a thief steals your phone, wait a while. Collect info on him, and exploit their bank accounts anonymously on the internet, or buy bitcoins with their money. Sounds like a great idea to me. I'm installing something similar today (not this though, this app is lame)

  23. LadyT · 405 days ago

    I discovered in February of this year that who I thought was a family friend had actually been victimizing me for two years. Not only did he con money out of me, which took from the needs of my children and me, but he actually told me that a 'friend' of his had installed a camera on my phone and was watching everything I did around my home. He listened in on private phone calls, and viewed private texts of myself and others. This is CRIMINAL behavior and he will be prosecuted for it.

  24. Sabrina · 390 days ago

    Perhaps is it detectable by noticing no internet connection during your phone conversation and then once internet is accessible your call is dropped?

  25. Have just been tracked / monitored for a significant period of time by my now former partner using a zoemob application as well as recording devices around the home we shared
    The app gave my partner information that i may not with Her to know and she would often use this in a negative or controlling way
    The psychological impact on myself was substancial leading to psyco therapy and a breakdown as it lead to arguments that were irrealvent
    and at times unecessary
    The Apps are in fact a very dangerous tol especially in the wrong hand something gauranteed to deastate a relationship
    The police in general unaware of the laws that the apps violate and the effects on the target person the accumlative effects of long term privacy invasions are devastating
    Should be banded and the preprtrator prosacuted

    The app is was able t

  26. How do you seure a prosacution if you are unaware that the app is installed and monitoring your every moved and conversations i recently found an app on my hand set but the reaction from the police was that my partner was paranoid and thought i was a serial bed hopper with such reaction how can the victim of a faceless crime seek justice
    the information my partner gained from the app gave her power and the knowledge to control and abuse every privat text was read and even the langauge used would be questioned
    the apps arclosely linked with domestic abuse and give abusers the ultimate power
    has anyone else had a experience of being abused in this way

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.