How do I know if I have a cyberstalker?

A lot of people out there seem to be creeped out at the thought that they might have a stalker following their online activities. They want to know who is viewing their profiles, looking at their photos, reading their status updates and how often.

On Facebook, there have been many applications advertised to let you find this information and all of them are fakes. It’s a good thing, too. These applications may satisfy your curiosity, but they treat all of the friends that you added to your profile as potential stalkers. Even if it were possible to find a Facebook application that reveals your profile views, by using that application to find stalkers you would become the very thing that you were trying to avoid. You’d be stalking your friends’ online activities and snooping on actions that they believed were their own, private actions.

Recently, professional site LinkedIn have removed anonymity from profile views, based on a user setting. MySpace have a similar feature: if you want to see who views your profile, you must let them see your activity. If you consider how frequently Facebook is changed, it seems that there is every chance that Facebook will add the same feature in the future. Facebook also have a disturbing policy of enabling new settings by default. It hasn’t happened yet, but it is a reason to be vigilant. If you want to sacrifice your privacy in order to satisfy your curiosity it should be your choice and the choice of those who do not want to sacrifice their privacy should be respected as well.

So, do you have a stalker?

The first thing to get clear in a discussion about stalking is what stalking actually is. That way we can avoid persecuting and humiliating innocent people with the reputation-damaging label “stalker”.

A stalker is not someone who views your social profiles. It is not someone who views your page a lot. It is not someone who views your photos and it is not even someone who downloads them. None of these activities automatically make someone a stalker.

If you are really being stalked it is a serious matter. It is illegal in at least some countries, as a form of threat and harassment.

The US legal definition states that not only do you have to be followed, but it is “with the intent to place that person in reasonable fear of death or serious bodily harm” (I suggest you read the whole definition here).

Cyber stalking also involves high levels of harassment, distress and the intent to track down and meet a person in the physical world. To reduce the chance that someone can trace you in the physical world you can read our guides on using location-based Facebook and how to use Twitter safely.

I have to suggest that before you accuse someone of being a stalker you should think very carefully. Are you really under threat of death or injury just because someone views your photos online? Photos that you published yourself? Because when you put things online, your social profiles, your location, your pictures, your thoughts, your job description, you are publishing it.

If you are reading this and you do have a real stalker, if you are living in fear of physical harm, then contact local law enforcement.

Now that I have that warning out of the way, I can give you some practical tips in case you are curious about how much your profiles are getting viewed. I know that a lot of people have encountered this blog by searching for ways to discover so-called stalkers or to find out how to track people online better. I know because I can see how searchers came to this site. Yes, I can see that.

If you look around you can find there are several sites and services that give you viewing statistics. I already mentioned the features in MySpace and LinkedIn, which allow you to see the details of your viewers so long as you are willing to reveal your details to them. That’s a nice way to do it.

Blogging sites offer statistical views of how many views you have for each post and where the posts have been linked. This is still somewhat anonymous, but that should be fine. It is still a lot of information.

YouTube even have a little statistics area that can be opened up from underneath each video that tells you the age, gender and country of the video’s viewers and which link or search brought them to the video.

Facebook? The best advice I can give you is this: Why don’t you just ask?

Ask your friends and they might even tell you. You can also use common sense: Find out who comments most often and who ‘likes’ the most photos and status updates; the chances are that they view your profile the most often and that they are also very active Facebook users.

Of course, going through your Facebook Friends’ list and removing anyone you do not trust personally is always a good idea.

Here on Safe and Savvy we have a lot of posts related to online privacy. If you are still curious then take a look at our archives and subscribe to our RSS Feed.

More posts from this topic

The Dukes

“The Dukes” – Ask the Experts

Last week, F-Secure Labs published a new study that provides a detailed analysis of a hacking group called “the Dukes”. The Dukes are what’s known as an advanced persistent threat (APT) – a type of hacking campaign in which a group of attackers is able to covertly infiltrate an organization’s IT network and steal data, often over a long period of time while remaining undetected. The report provides a comprehensive analysis of the Dukes’ history, and provides evidence that security researchers and analysts say proves the various attacks discussed in the report are attributable to the Duke group. Furthermore, the new information contained in the report strengthens previous claims that the group is operating with support from the Russian government. Mikko Hypponen has said that attacker attribution is important, but it’s also complex and notoriously difficult, so the findings of the report have considerable security implications. I contacted several people familiar with the report to get some additional insights into the Dukes, the research, and what this information means to policy makers responsible for issues pertaining to national cybersecurity. Artturi Lehtiö (AL) is the F-Secure Researcher who headed the investigation and authored the report. He has published previous research on attacks that are now understood to have been executed by the Dukes. Patrik Maldre (PM) is a Junior Research Fellow at the International Center for Defense and Security, and has previously written about the Dukes, and the significance of this threat for global security. Mika Aaltola (MA) is the Program Director for the Global Security research program at the Finnish Institute for International Affairs. He published an article of his own examining how groups like the Dukes fit into the geopolitical ambitions of nations that employ them.   Q: What is the one thing that people must absolutely know about the Dukes? PM: They are using their capabilities in pursuit of Russian strategic interests, including economic and political domination in Central and Eastern Europe, as well as the Caucasus region, and a return to higher status at the international level. AL: They are a long-standing key part of Russian espionage activity in the cyber domain. MA: The geopolitical intention behind the vast majority of targets. Q: We now know the Dukes are responsible for a number of high profile attacks, and seemingly target information about politics and defense. But what kind of information might they obtain with their attacks, and why would it be valuable? AL: They might obtain information like meeting notes, memos, plans, and internal reports, not to mention email conversations. In essence, the Dukes aim to be a fly on the wall behind the closed doors of cabinets, meeting rooms, and negotiating tables. PM: The targets of the Dukes include government ministries, militaries, political think tanks, and parliaments. The information that can be gained from these organizations includes, among other things, sensitive communication among high-level officials, details of future political postures, data about strategic arms procurement plans, compromising accounts of ongoing intelligence operations, positions regarding current diplomatic negotiations, future positioning of strategic military contingents, plans for future economic investments, and internal debates about policies such as sanctions. MA: The targets are high value assets. Two things are important: data concerning the plans and decisions taken by the targeted organizations. Second, who is who in the organizations, what are the key decision-making networks, what possible weaknesses can be used and exploited, and how the organization can be used to gain access to other organizations. Q: The Dukes are typically classified as an APT. What makes the Dukes different from other APTs? MA: APT is a good term to use with the Dukes. However, there are some specific characteristics. The multi-year campaigning with relatively simple tools sets Dukes apart from e.g. Stuxnet. Also, the Dukes are used in psychological warfare. The perpetrators can even benefit from they actions becoming public as long as some deniability remains. AL: The sophistication of the Dukes does not come as much from the sophistication of their own methods as it comes from their understanding of their targets’ methods, what their targets’ weaknesses are, and how those can be exploited. PM: They are among the most capable, aggressive, and determined actors that have been publicly identified to be serving Russian strategic interests. The Dukes provide a very wide array of different capabilities that can be chosen based on the targets, objectives, and constraints of a particular operation. They appear to be acting in a brazen manner that indicates complete confidence in their immunity from law enforcement or domestic oversight by democratic bodies. Q: There are 9 distinctive Duke toolsets. Why would a single group need 9 different malware toolsets instead of just 1? AL: The Dukes attempt to use their wide arsenal of tools to stay one-step ahead of the defenders by frequently switching the toolset used. MA: They are constantly developing the tools and using them for different targets. Its an evolutionary process meant to trick different “immunity” systems. Much like drug cocktails can trick the HIV virus. PM: The different Duke toolsets provide flexibility and can be used to complement each other. For example, if various members of the Dukes are used to compromise a particular target and the infection is discovered, the incident responders may be led to believe that quarantines and remediation have been successful even though another member of the Dukes is still able to extract valuable information. Q: Many people reading this aren’t involved in geopolitics. What do you think non-policy makers can take away from this whitepaper? AL: This research aims to provide a unique window into the world of the Dukes, allowing people not traditionally involved with governmental espionage or hacking to gauge for themselves how their lives may be affected by activity like the Dukes. PM: It is important for people to understand the threats that are associated with these technological developments. The understanding of cybersecurity should grow to the point where it is on par with the wider public’s understanding of other aspects of international security, such as military strategy or nuclear non-proliferation. This knowledge is relevant for the exercise of fundamental liberties that are enjoyed in democratic societies, including freedom of speech, freedom of the press, freedom of association, as well as of basic rights such as voting in elections. MA: The geopolitical intent is clearly present in this activity. However, the developments in this realm affects other types of cyber-attacks. Same methods spread. There is cross-fertilization, as in the case of Stuxnet that was soon adapted for other purposes by other groups.   F-Secure’s Business Security Insider blog recently posted a quick breakdown on how the Dukes typically execute their attacks, and what people can do to prevent becoming a victim of the Dukes or similar threats. Check it out for some additional information about the Dukes.

September 22, 2015

Did a funny test in Facebook? Time to clean the permissions.

You are precious. You are very valuable. At least to companies dealing in advertising and customer profiling. The value of you and your peers make giants like Google and Facebook tick, with a combined revenue of about $78 billion. I’m sure most of you understand this value. But how many are really making smart choices to guard it? If you’re on Facebook, you may have seen posts like this: “Your Friday night. Tina wants to sleep. Jan destroys furniture. Aaron wakes up handcuffed. Wilhelm starts a drinking competition.” Clicking the image takes you to, or a localized version in your own language. Once there you can create your own test that reveals funny things about you and your friends. It’s obvious that these test are more entertaining than scientific. And this site can’t be blamed for lacking fantasy! Who thinks you’re sweet? How many children will you have? Who should you write a love song for? Who of your friends belong in your stuffed animal collection? Stuffed animal collection! OMG. LOL. :) You can find out all this and much more with the tests at The site is operated by a German company named Socialsweethearts, that claim to have over 1500 tests in more than 40 languages! OK, just another funny and harmless site that creates virally spreading posts and cashes in on advertising, you might think. But let’s take a closer look at what’s going on here. Many of the test involve your friends, revealing whom would be or do something. And to provide this they must know who your friends are, right? So it’s perfectly legit when a dialog pops up asking for access to your Facebook account and friends list. Wait! This is where you should stop and think. Let’s rephrase what’s going on. You purchase an automatically generated joke about you and your friends and pay by allowing them access to your friend list and Facebook wall, including all your past, current and future posts. A good deal? No, I don’t think so. And on top of that, you pay with knowledge about all your friends too, but without asking them for permission. Ok, Socialsweethearts is a German company, and Germany has strong privacy laws. I think there is a pretty good chance that this company isn’t misusing your data shamelessly, even if they definitively has the technical opportunity to do so. But this is pure luck. I bet that virtually none of the folks using these tests actually checked the background of the company and made an educated decision to trust it. Did you? But on the other hand. Pretty much all the giants that make billions on our private data are from the Americas. Europe has totally lost this race. A German company entering the same business successfully would be bright news, sort of. Bad news for your privacy but good news from European business perspective. So don’t worry too much if you have used the services on But this is anyway an excellent opportunity to clean up the list of apps that have access to your data. In Facebook, go to Settings and choose Apps in the menu to the left. Now you see a list of all apps and sites that have been granted access. Some of them are no doubt legit, for example apps that should be able to post to your wall. But the permissions will stay when you stop using something. And some permissions are only needed on a one-time basis, but they will stay on the list. belongs to that category and should be erased. Go through the list and remove anything you don’t need. If you see something that you don’t understand the meaning of, it’s safest to remove it too. Permissions can always be added back and apps that lose their permissions will notify you and ask you to grant new permissions. Happy cleaning, Micke   [caption id="attachment_8485" align="alignnone" width="300"] This is what it looks like when want's permission to access your data in Facebook.[/caption]   Images: Screenshots from and  

September 21, 2015