Dealing with audio bugs, surveillance cameras & location trackers

The technology driving surveillance equipment has progressed rapidly. The ability to connect bugs to wireless networks or mobile data networks, along with the advances in the technology itself, means that it is easier than ever to buy a device from the internet and use it to spy on someone.

Many of our users – particularly in cyberstalking and online harassment cases – feel that their homes and devices are bugged and that their location is being tracked. Often they feel that there may be devices in their homes, devices or cars.

One important thing to point out here is that this is rarely the case. There is usually a simple explanation for the leak of information or the fact that the individual knows their location, but it does happen and it is important to know what you can do.

We want to better understand the impact of you experiencing this issue, can you share your experience by filling in this online form? This will help us better protect future victims.

How might someone spy on me using bugs, cameras & trackers?

There are a range of ways that someone may listen in on your conversations, watch you or track your location. Here we list out some key approaches and discuss them at a high level.

Physical surveillance

One form of surveillance, without any technology, is to physically follow you and listen in to your conversations. If the person knows you well they may have a good feel for your typical routine already – or they may be able to build a picture of this from your online activity.

An individual may also be speaking to someone close to you or be assuming a false identity online to trick you into communicating with them and sharing sensitive information or location.

One thing to consider here is that it is resource intensive to physically follow someone on a regular basis and it takes a lot of skill to be able to do this without being spotted.

Hacked online accounts & devices

Gaining unauthorised access to your online accounts or devices is a common way for individuals to be spied on.

An ex-partner may know your passwords (or have helped you set up online accounts) and simply be able to log into your online accounts and see your communications, location and data. For example, if an individual has access to your Apple ID they can access location, communications and the data you have on iCloud (like photos).

In some simple scenarios the perpetrator is an ex-partner who is still paying the phone or internet bills and therefore is the owner of the account. This means they have access to phone records and can access your wireless router control panel etc.

Devices may also be compromised and used to track an individual. The use of malicious software, like spyware, may be installed on a device and provide the perpetrator with access to your location, device’s camera & microphone, communications and settings.

Using the technology you have already

Take a moment to think about all of the microphones, cameras and location-enabled devices that you already have in your home. Your mobile phone, TV, smart speaker, tablets, computers, watches, home security systems and more likely all have them installed.

If the perpetrator can use these they will, especially your mobile phone which you are likely to have with you most of the time. Most of these devices are managed using the internet or a mobile app, so getting access to these is the most common way to compromise your own technology.

One common way we see people being tracked is through the use of apps designed for sharing your location with friends or being able to find your devices. Often the individual had physical access to the device at some point and may have set up the location sharing in the app without the person knowing.

Planting a bug, camera or tracker

There are a range of products for sale online in ‘spy shops’. It is legal to sell these devices, however, illegal to use them maliciously which is why they are so readily available. It is important to note that for physical bugs, the perpetrator would need physical access to the place they want to bug.

Typical devices:

  • GSM audio bugs – these are small devices which are usually in plain dark casing with very little to indicate what its purpose is. They will be silent with no visible lights or moving parts. They will have a SIM card in them and the perpetrator will be able to dial the number linked to the SIM to listen in to the device. Some will be voice or motion activated. These would be physically placed in a relevant location and likely be too small to be noticed. It is likely that these will be battery powered and the battery would need to be replaced often (weekly).

  • Camouflaged GSM audio bugs – exactly the same as above, but the bug is integrated into something else like a phone charger, plug socket, USB car chargers, adaptor, clocks etc. The aim here is to limit the chance of them being noticed. There is a higher chance that these will draw power from the mains and not need to be physically charged or have the battery replaced.

  • Cameras – these are devices that include a camera to record video (and likely audio too). These devices may be a standalone device or camouflaged by being integrated into other items just like camouflaged GSM audio bugs. They will either use mobile 3G/4G networks or connect to a wireless network. These cameras may store the footage onto a memory card in the device or upload it onto a website for the perpetrator to access.

  • Location trackers – these are devices that are designed to track the GPS location of people, cars or other physical items. These are small devices, which like bugs and cameras, maybe be standalone devices or integrated into another item so it is camouflaged. There are typically two types: 1) Past Track, which keeps a historical log of location stored on the device so it can be accessed physically and retrieved when necessary or 2) Real-Time, where the data is uploaded directly to the internet in real-time and can be tracked live by the perpetrator. These are typically battery powered and may need to be charged – or battery changed -every couple of weeks.

Approaches to dealing with bugs, cameras & trackers

Most individuals realise that they are being spied on because someone knows something they shouldn’t – or someone seems to know their location even though they shouldn’t.

  1. Keep a log of incidents – every time that the perpetrator shares a piece of information that they shouldn’t know or turns up a location that they shouldn’t know you were going to be there write it down. Write down time & date, what happened, who knew about the information and what devices the information was communicated on. Over time this will help you narrow down where the information leak is and what you can do about it.

  2. Speak to the police if you are being physically followed – it is important that if you feel you are being physically followed that you contact the police. Don’t confront the individual. Head to a busy area, tell others what is happening and contact the police.

  3. Secure your online accounts and devices – making sure your online accounts (like email and social media) and your devices and their online accounts are secure can go a long way to limiting the ability of an individual to spy on you. A good approach is to follow our Cyberstalking Action Plan – particularly steps four to nine – as this outlines a good approach for understanding and securing your online environment.

  4. Search for bugs, cameras and trackers – doing your own basic search for a device is a good step. This guide from wikiHow is a good approach to conducting the search. There are devices that you can buy that will help you sweep for any devices emitting a signal in your home. These are called RF Detectors. A word of caution here is that these are hard to use and there are many legitimate signals that it will pick up from your own home or from your neighbours.

  5. A professional bug sweep – you can pay a professional team to perform a bug sweep. These are expert teams using specialist equipment to find any malicious devices. These sweeps do come at a cost with a typical house sweep costing thousands of pounds.

What to do if you find something

If you do find a suspicious device the best thing you can do is not touch it. Take photographs of it in its original location and then contact the police. They will follow a procedure to ensure all evidence is preserved.

If it is a compromise of an online account or device then take a similar approach. Screenshot or photograph the login or activity and save these images somewhere safe. Contact the police and follow their advice.

If you do not wish to involve the police you can act to secure that online account or device and remove the malicious access. See our guides page for specific types of accounts or devices. Before doing so it is important to be aware that by removing access you may force the perpetrator into a different approach which may carry more risk. It may be worth getting expert help from an organisation like The Cyber Helpline or a stalking charity first.

Report the crime

Without first getting permission it is illegal to access someone’s accounts or devices. It is also illegal to use bugs, cameras or trackers without first getting permission.

If you are in England, Wales or Northern Ireland you should report all cyber crime to Action Fraud. In Scotland, you can see details of reporting to Police Scotland here.

Donate

To help people like you we rely 100% on donations from people like you.

Without donations we cannot keep our service free and provide help to the most vulnerable victims of cyber crime when they need it most. As a not-for-profit organisation, 100% of your donation goes towards keeping The Cyber Helpline up and running - so 100% goes towards helping people like you. Donate now and help us support victims of cyber crime. 

To help people like you we rely 100% on donations from people like you.