Online privacy

How to free your smartphone from surveillance

freelance cybersecurity writer

Author Bio ▼

John Mason is a cybersecurity enthusiast. On his free time he tests VPNs and has previously written for Educause, IfSecGlobal, Tripwire and more.
January 8, 2019

Sign up to free email newsletters


Contact tracing and COVID-19 director’s briefing

Do you feel like your smartphone is being spied on? You’re probably not being paranoid.

It’s hardly surprising that smartphones should be an attractive target for cybercriminals and totalitarian governments. After all, these devices contain voluminous private personal information and communications, have built-in cameras and microphones, and are connected to the internet most of the time – all the factors a spy needs to succeed.

Whether they be hackers, ad companies, your ISP, your government or even your apps, you should do whatever it takes to protect your private information from prying eyes. It’s your right.

Here I talk about how to protect your privacy from these spies and how to prevent them from coming back.

Get an antivirus

If you’re afraid that spyware may have already infected your device, get an antivirus immediately.

Once installed, this software seeks and destroys any and all viruses, trojans, worms, and of course, spyware, already hiding in your device’s drive. What makes this software so great is it also prevents more malware from infecting your device in the future.

But don’t just trust any antivirus you find because there is a lot of rogue security software out there. You never know who made them and if they actually protect your device from malware or make it more vulnerable instead.

Only ever get the best antivirus tools for android from trustworthy sites.

Get a VPN

If you don’t already have one, you should get a VPN (Virtual Private Network).

This software prevents spies from monitoring your online activity and tracing it back to you. This is done through encryption and IP masking.

Your online searches consist of data packets which contain readable plain text. Since your searches have to go through your ISP before they get to a DNS server, that means your ISP (and anyone else who has intercepted your online connection) can view and read exactly what you’re searching for. They then trace your searches to your IP address and pin those searches to your personal identity.

But with a VPN active, the plain text inside your searches’ data packets get encrypted into unreadable jargon. Furthermore, a VPN also hides your true IP address and replaces it with a different one. This means that your ISP won’t be able to read what you’re searching for and hackers won’t be tracing your searches back to you.

This is why a VPN is a great tool to avoid spies. However, not all VPNs can do this.

Stay away from ‘free’ VPNs as they’ve been known to sell your data/remaining bandwidth which has lead to cyber attacks on their users. Instead, look for the best VPN for Android that you can trust with your privacy.

Go incognito or replace your browser with TOR

Most browsers come with an ‘incognito’ mode. Switching to this mode means your browser won’t save your browsing history, cookies and site data, and information entered in forms.

However, your activity will still be visible to the websites you visit, your employer or school, or your ISP.

If you find this unacceptable, you can replace your browser with TOR (The Onion Router). This browser ensures your privacy by wrapping your online activity in at least 3 layers of encryption and “bouncing” it for the same number of times through several IP addresses before finally arriving at the right DNS server.

The problem with TOR is it’s built for privacy and not for security but you can easily solve this problem by pairing TOR with a compatible VPN.

Replace your search engine with a private search engine

Did you know that popular search engines live off the personal data you provide them? They get this personal data by tracking your online activity as you navigate from one site to another on the Web. They then use this data to send you those annoying personalized ads.

You might have a problem with the knowledge that your search engine tracks your online activity and connects that activity to your personal identity — or you simply hate those annoying ads.

Either way, you can be rid of them by replacing your search engine with one that’s more privacy oriented like DuckDuckGo. This search engine foregoes personalized ads and personalized search results.

Get OpenDNS

Another thing you should watch out for are phishing emails. The people behind these emails employ social engineering and psychological tactics to get you to click on malicious links that contain malware.

Emails aren’t the only way phishing is done, though. If you’ve got the eye for it, you can find phishing attempts on websites, chats, and even comments. Keeping an eye out for phishing attempts gets harder and harder especially since hackers can now use AI to formulate and spread phishing emails for them.

Fortunately, OpenDNS is the solution to this problem. Simply put: OpenDNS prevents you from navigating to known malware and phishing sites. These sites are part of a list that gets updated daily so you can avoid even the newest ones. Open DNS also blocks suspicious sites that use IP addresses reserved only for internal networks.

Strengthen your passwords

You may have heard this time and time again but it’s worth repeating: Use strong passwords. Strong passwords can help you avoid spies from accessing your accounts through Brute Force or Dictionary attacks.

Strong passwords shouldn’t only be lengthy, but they should also be complex. If you lack the creativity to formulate a strong password, you can use a password manager app. These apps not only formulate strong passwords but also keep these passwords for you. This means that you won’t have to worry about losing that piece of paper that you scribbled your password on.

Additionally, remember to use 2-factor authentication whenever possible. This prevents hackers, who’ve somehow gained access to your credentials, from accessing your accounts by requiring them to enter a security number or code.

Be cautious with your social media

One of the most overlooked forms of spying is the type people get from social media. Not only is the platform itself spying on you, but you’re also being spied on by the random people who want to be your “friend”.

This is why you should always be cautious around what you share on your social media accounts. Remember that not everyone needs to know everything about you.

Also, watch out for friend requests from random people. You never know if they’re actually who they show they are. Check their profile and other photos. A suspicious lack of any of the two should be a red flag.

Also, look at the number of mutual friends you two have as well as the date on which they started their account. Other social media hackers actually use your friends’ profile pictures and information to create another account.

This other account then purports to be your friend who made a new account for whatever reason. When you do get a friend request from someone who might be pretending to be a known friend, be sure to ask your friend if it’s them and don’t delete the suspicious friend request so you can use it for evidence and report it to the social media administrators.

Clear cookies frequently

We would normally never pass up a cookie being offered to us. But the same shouldn’t be true for Web cookies.

These cookies contain minute data that let a site remember your auto-fill preferences and shopping cart contents. However, these cookies can also track your online activity despite having navigated away from the site where the cookie originated.

Even more problematic is the fact that these cookies actually record your online activity for the whole session.

This is why it’s always a good idea to regularly clear your Web cookies. You can also go to your browser settings and disable cookies for certain sites or disable all cookies entirely — although this would make using certain sites unbearable as cookies do keep your preferences.

Review your app permissions

You will notice that certain apps will ask permission to access specific functions on your device. This can range from social media apps requesting access to your photos, contacts, and calendar to map and GPS apps that request access to your location.

By allowing permission to these apps, you’re not only giving them permission when they need it, but you’re also actually giving them access to your information at all times.

If letting other people listen to your private conversations and texts or letting them know exactly where which floor of a building your currently in isn’t what you signed up for, you can review and revoke any permissions you’ve allowed your apps.

Do note that doing this will prevent certain apps from working so weigh your options wisely before making any final decisions.


Smartphones are great but there are a lot of spies looking to mine your device for your private information. You can kick these spies out and stop them from coming back by:

  • Getting an antivirus
  • Getting a VPN
  • Going incognito or use TOR
  • Replacing your search engine with DuckDuckGo
  • Using OpenDNS
  • Strengthening your passwords and use 2FA
  • Practicing caution on social media
  • Clearing web cookies frequently
  • Reviewing and revoking your app permissions

Following these simple steps will get your device well on the way to being spy-free.

IFSEC International is getting ready…

IFSEC International is getting ready to welcome security professionals back to Europe's leading integrated security event this July. Taking place at ExCeL London on 12-14 July, IFSEC International will be your first opportunity to meet suppliers face-to-face and see innovative approaches to security technologies once more!

Notify of
1 Comment
Newest Most Voted
Inline Feedbacks
View all comments
April 17, 2021 3:36 am

Good program