
Buyer Beware: Using Spyware Versus Forensics to Gather Evidence from Smart Phones

As a private investigator, I’m often asked by businesses to gather information from cell phones owned by a company; you can protect your business by tracking your employee’s cell phone data. Even though I know the best method for collecting data from phones is through mobile phone forensics, one client was insistent that we use spyware to track calls, text messages, etc. from one specific employee they suspected of stealing from the company.

How hard could it be? There are dozens of sites out there promoting easy-to-use cell phone spyware; I chose one based on features and cost. I won’t specify the name of the particular product I used, but I will tell you about the nightmare that ensued after my purchase.

The first clue that using spyware was the wrong method of gathering evidence for my client was that the installation of the application required jail-breaking my client’s iPhone. We warned him that this would void the warranty, but he was insistent. After making the purchase, the second clue there were going to be problems became immediately obvious: overly-complex installation instructions. I have worked several complicated computer investigations that did not require this level of difficulty and technical know-how. By the time I was done installing this spyware application, I felt like a veteran programmer. This was definitely NOT the best use of my time.

Once I finally got through the installation process and entered the product license information, we were ready to start the fun part of this job… getting results for the client! I wanted to test the installation, so I opened the administrative software from my computer to see what information the spyware was reporting — and immediately received multiple errors.

Nothing I did would work. I spent hours trying to get the product to work before calling my client and finally convincing him to just let me use my cell phone forensic software to get the information. (I ended up retrieving a deleted text message that got my client the evidence he needed in about five minutes.)

So, here’s where my experience gets interesting:

My client wanted a refund from the spyware company since the product never worked. Their customer support worked with me throughout the entire installation process and troubleshooting afterward, so they knew it never worked and directed me to their refund policy. I was utterly shocked when I read it. They made it fairly easy to initiate a refund. But they warned that if I did, the target phone (I had to enter the target phone number during purchase) would receive a text message informing them of the refund. Here’s the text they would have sent: “[customer-name] has requested the removal of [insert unnamed spyware product here] from this phone.” To confirm this request, send an SMS back with text: “refund [product] ok.”

Are you kidding me???!!?! So, the only way I could get a refund is if they could rat me out to my client’s employee about being investigated.

Blackmail is a strong word but that’s the only way I can describe it.

There are so many reasons why investigating cell phones should be done with forensic software from a trusted company, but what I can only describe as fraudulent business practices by spyware sellers is probably the biggest reason.

Buyer beware!!!


About the author:

Nicole Bocra, CFE, is a registered private investigator in Virginia and a licensed private detective in New Jersey and Maryland. She has more than 15 years’ experience as an accountant and securities investigator.  Prior to establishing her own private investigative firm, Infinity Investigative Solutions, in 2005, Ms Bocra was an in-house investigator at a law firm and lead investigator with NASD.  Ms Bocra develops complex cases, provides expert investigative services and conducts in-depth due diligence using the latest in technology, financial expertise and investigative experience to ensure the most thorough inquiries.