Monitoring tools can be used for legitimate and malicious purposes.
The first category includes parental control and employee monitoring software, the second one screenshot grabbers, keyloggers, voice or video recording tools – in short, spyware.
According to the statistics compiled by Microsoft, the users most targeted by spyware in the last month are those based in Brazil, the US and Russia, where 27% of all monitoring tool detections had been recorded.
If you are based in Brazil and Eastern Europe, beware of ongoing social engineering campaigns that point you to application or games available for download from file-sharing websites, as some of them contain concealed monitoring tools (here are a few examples):
The files are hosted on many different legitimate sharing sites, and it’s difficult for tech-unsavvy users to spot that something might be wrong with the files. The usual advice of avoiding executable files isn’t useful in this case.
“An unsuspecting user could download and run what seems to be a clean program, not knowing that in the background their privacy is being compromised,” Microsoft pointed out. “The malicious actors behind these threats use common email providers to retrieve private data from users. We are working with our partners to remove the hosted files and close their email accounts.”
Users can protect themselves against this particular danger by being cautious when opening emails or social media messages from unknown users, and by downloading software only from its developer’s official site. Regularly updating and running your security software is also a good idea.
Another good thing to remember is that monitoring software is often installed by cyber criminals, but that it’s also a tool preferred by abusers intent of spying on their victim(s).