Spotting spyware and stalkerware: Taking back control of your device¶

Duration: 90 minutes (can be shortened or split over two sessions)

Who it is for: Survivors, advocates, shelter workers, and community members. No prior tech knowledge needed.

Workshop goals: By the end of the session, participants will:

• Understand what spyware and stalkerware are, and how they’re used in abusive relationships

• Recognise red flags that suggest a device might be compromised

• Learn how to do a basic check of a smartphone or computer

• Know what not to do (to avoid tipping off an abuser)

• Feel more confident in deciding what to do next — and where to find support

Session outline¶

1. Welcome & framing (10 minutes)¶

• Quick check-in, outline goals, set a non-judgemental tone

• Explain that this is about awareness, not paranoia

• Emphasise control: “You decide what steps to take — this is your space.”

2. What is stalkerware? (15 minutes)¶

A short, accessible explanation:

• Spyware or stalkerware is software that lets someone secretly watch what you do on your phone or computer — texts, location, photos, even microphone use

• It’s often installed by someone with physical access, like a partner or family member

• Sometimes disguised as calculator apps, safety tools, or even kids’ games

Keep this grounded. Use stories, not scary tech language.

3. Signs something might be wrong (10 minutes)¶

Facilitator-led discussion (use a whiteboard or sticky notes):

• Battery drains quickly?

• Phone hot when not in use?

• Location always “on”?

• Unknown apps with weird names?

• Someone “knows things” they shouldn’t?

• You feel watched — and it’s not in your head

→ Handout: Red Flags Checklist: Printable, discreet, easy to tuck into a bag.

4. Hands-on: Device audits (30 minutes)¶

Split into breakout pairs or small groups (depending on numbers). Use safe test devices (not personal ones unless someone really wants to). Guided walkthroughs for:

• Android audit: Using an APK from USB, check for spyware, review permissions

• iPhone audit: Look for profiles, battery use, permission settings

• Windows audit: Look at login processes, extensions, odd users

• Mac audit: Look at login processes, extensions, odd users

• Linux/BSD (optional): A very short version, or facilitator demo only

Facilitators rotate and help — this is a supported activity, not a test.

Everything is in plain language, using offline handouts. No need for internet access.

5. What not to do (5 minutes)¶

Important safety notes:

• Don’t delete apps without thinking — might alert the abuser

• Don’t confront abusers immediately

• Don’t change all passwords at once if they have physical access

• Document first — then decide what to do

→ Sheet: What Not To Do (and why): Helps avoid common mistakes when panic hits.

6. What next? (10 minutes)¶

• How to get a second opinion safely (trusted tech ally, IPA Digital Safety Lab, digital rights orgs)

• How to collect evidence, if it’s safe

• Who can help: local shelters, legal clinics, digital support groups

7. Closing round (10 minutes)¶

• Invite participants to share one thing they’re taking away

• Offer space to talk one-to-one afterwards if anyone needs it

• Share printed or offline-accessible guides

Materials included¶

• Printable device check guides (Android, iPhone, Windows, Mac, Linux)

• Red flag checklist

• Tip sheet: What not to do

• List of resources (organisations, apps, digital defenders)

• Slide deck (optional — use printed version if no projector)

Notes for facilitators¶

• Respect emotion — this is a charged topic. Some may realise mid-session they’ve been targeted.

• Leave space for people to step back, or ask questions in private

• Reassure — tech is intimidating, but this isn’t about perfection. It’s about awareness and options.

• Avoid victim-blaming language. Focus on what people can do, not what they “should’ve done”.