If you have the feeling that your Your phone knows too much about you.You're not alone. Between Bluetooth beacons, apps that request permissions left and right, and geolocation services, it's incredibly easy to track your movements almost down to the millimeter these days, even if you're careful with GPS and security settings.
The worrying thing is that it's not just big tech companies or government agencies that can track you: anyone with a bit of a bad idea (A controlling ex, a stalker, a car thief, or even an overly nosy boss) can combine a simple app and a small Bluetooth device to monitor you without your knowledge. The good news is that there's plenty of room to defend yourself if you know where to look and what to disable, such as precise location sharing.
How you are tracked using Bluetooth, WiFi, and physical beacons
The small, coin-sized Bluetooth trackers were created to help find objects that we usually lose such as keys, wallets, or suitcases. They contain a battery, a Bluetooth Low Energy (BLE) chip, and are managed from a mobile app that allows the beacon to be located with considerable accuracy.
The trick is that these trackers don't just rely on your phone: Apple and Google's networks make it so any nearby smartphone with Bluetooth enabled It can report the position of a beacon to its servers. This allows its owner to see on the map where that AirTag, SmartTag, or similar device is located, even if it is hundreds of kilometers away.
Today, the best-known beacon is Apple's AirTag, which can use [information] in its search functions. UWB technologyBut there are many others that work in a similar way: Samsung SmartTag, Tile, Chipolo, eufy, Filo and other devices, including Bluetooth headphones and accessories with "Find My Device" features. In short, the ecosystem of Bluetooth-enabled gadgets is enormous.
The problem is that this technology, so convenient for the forgetful, is also a gift for stalkers: all it takes is hide a beacon in a bag, car or coat to track the victim's movements without their knowledge. Cases of its use have been documented in stalking ex-partners, surveillance prior to the theft of expensive cars, and even more serious criminal situations.
To top it all off, your mobile phone also plays a part in the game even if you don't use beacons: many of the apps you install rely on Bluetooth and WiFi to deduce your location without directly accessing the GPSBy leveraging public databases of WiFi antennas and BLE beacons, it's worthwhile. Configure a near-total privacy mode on Android when you're worried about your location.
Digital tracking: stalkerware, “legitimate” apps, and hidden SDKs
Beyond physical trackers, there are two major forms of digital surveillance: stalkerware (spyware installed on your mobile phone) and the mass tracking through seemingly harmless apps that abuse permissions.
Stalkerware (sometimes called spouseware) are control apps that are sold as parental monitoring or employee management tools, but whose actual use is usually to secretly spy on someone else's lifeThey usually hide completely or disguise themselves as trivial apps like a calculator, a game, or a photo gallery.
This type of software can constantly send your GPS location in the background, record your messages, collect private data, and even activate microphone or camera without you noticingThe problem for the attacker is that they need physical access to the unlocked phone for a while to install it; if you suspect anything, check out our guide on How to know if your mobile phone has been tapped We explain indicators and steps to follow.
In contrast, tracking through "normal" apps is much more subtle. A recent study of nearly 10.000 apps showed that 86% of those using beacons collect personally identifiable data (such as device ID or name) along with nearby WiFi networks, Bluetooth scan results, and, when available, GPS coordinates.
The key lies in third-party SDKs: many apps aren't programmed from scratch and reuse external modules that add visible functionalities (analytics, ads, etc.) and others that are more opaque. Some SDKs can Listen to the Bluetooth and WiFi environment and send that data to marketing companies that create extremely detailed location profiles, without the user having a real idea of what's going on.
What are Apple, Google, and manufacturers doing to minimize abuse?
After the first scandals involving AirTags being used for harassment, Apple had to react with protective measures. First, it equipped the beacons with a internal speaker starts beeping When the AirTag has been away from the iPhone it is linked to for a while, it will attract attention if someone has attached it to another object.
Later, with iOS 14.5, a feature was added that alerts you if your iPhone detects something nearby. the prolonged presence of a foreign AirTagIn that alert, you can force the tracker to make a sound, see its serial number, and even receive instructions on how to deactivate it if you suspect you are being followed.
These measures, while useful, had clear limitations: they did not protect Android users, and many attackers began using modified AirTags with broken or disabled speakers, which are sold already "silenced" in some online stores, thus avoiding the sound alert.
In 2024, Apple and Google decided to coordinate and launched a common standard, known as DULT (Detection of Unwanted Location Tracker)Thanks to this system, both iOS 17.5 and Android (from version 6 onwards) can warn the user when another person's tracker moves suspiciously with them.
With this multi-platform mechanism, if continuous tracking is detected, your mobile will show you Tracker identification, options to make it ring and steps to physically disable it. Some manufacturers such as Chipolo, eufy, Jio, Motorola, and Pebblebee have already announced compatibility with this specification, which will likely become an industry standard.
Sensitive case: Bluetooth beacons hidden in your car or belongings
One of the most common physical tracking techniques is hide a beacon in the car of the victim, for example behind the license plate, in the wheel well, under the seat, or in some other space in the passenger compartment. Because they take up so little space, they are difficult to locate at first glance.
In the automotive world, the use of devices connected to the OBD-II port (sometimes incorrectly called ODP) has also become popular. These devices are used to diagnose faults or collect vehicle dataHowever, some incorporate Bluetooth or mobile connectivity and can also be used for continuous tracking purposes.
Although the OBD-II connector is usually located in the pedal area or footwell, there are car models where it may be located elsewhere. other less obvious areasThis makes it difficult to spot at a glance. However, an OBD-II device is typically bulkier and easier to detect or remove than a small BLE beacon hidden in the dashboard or infotainment system.
Precisely because Bluetooth chips can be integrated into the vehicle's electronics, It is more difficult to detect tracking based on hidden hardware. than a simple OBD dongle dangling from the port. That's why it's important to complement physical inspections with software tools that monitor for suspicious wireless connections.
How to tell if your mobile phone is being tracked or “listened to”
Even if it's not always with malicious intent, your phone is tracked daily by apps, websites, and advertisers. Google Maps is the perfect example: to give you routes or suggest nearby places, it needs to know exactly where you are and where you are movingMany cloud services work the same way.
The problem begins when this tracking isn't limited to improving the service, but is combined with advertising profiles, the sale of data to third parties, or worse, spyware installed without your consent. In these cases, it's important to pay attention to certain things. alarm signals which may indicate surveillance.
One of the clearest clues is the system status icons. On iPhone, if you use the camera or microphone, a [icon/icon] appears. green or orange dot at the top On the screen, if any app accesses your location, an arrow appears next to the clock. If you see these indicators without using anything that needs them, something is wrong.
To check which app is accessing those resources on iOS, you can swipe down from the top right corner, open Control Center, and tap the banner that appears above the icons; you'll see a List of apps that have used camera, microphone, or location recently. If there are any you don't recognize or shouldn't, you'll need to investigate or uninstall them.
On Android, modern systems also show a Green dot when camera or microphone is active and an arrow when geolocation is used. From Settings > Location, you can see which apps have accessed your location under "Recent access." Any unknown or suspicious apps should be uninstalled, and then a security scan should be run.
Strange performance, unusual apps, and other symptoms of spyware
In addition to the icons, there are more subtle symptoms that point to possible hidden tracking. One of the most typical is abnormally high battery consumption even when you barely use your mobile phone, because the spyware is continuously sending data in the background.
Another common sign is a spike in mobile data usage: if a spy app is sending your location, messages, and other information to a remote server, it's logical that The data counter spikes without reasonable explanationYou can check the usage per app in your phone's settings and look for processes that don't sound familiar.
Constant overheating is also cause for concern. If your phone gets excessively hot while barely idle or performing light tasks, there might be a problem. malicious software working in secret, whether stalkerware, classic malware or some hyper-intrusive app.
Finally, it's worth periodically reviewing the list of installed applications. Sometimes spyware disguises itself as weather app, flashlight, or system tool that you almost never look at. If you see an icon you don't remember installing, search for it by name online; if it's not something official and well-known, it's best to delete it immediately.
After uninstalling any suspicious apps, it's advisable to run a reliable Android security tool that performs a full scan, just in case any malware remains. remnants of installation files or hidden modules that aren't visible on the main screen. And if you're looking for an even more privacy-focused system, consider options like Graphene OS.
How to stop tracking: Bluetooth, GPS, cookies, and permissions
If you suspect you're being watched, or simply want to minimize surveillance, the first step is understanding what triggers you have at your disposal. The most radical way is to activate the Airplane mode, which cuts off mobile networks, WiFi and Bluetooth Suddenly. However, the GPS may remain active and some functions will continue to deduce your location.
If you're only concerned about tracking via beacons, you can opt for specifically disable Bluetooth when you're not using it. On iPhone, simply open Control Center and tap the Bluetooth icon; on Android, swipe down the quick settings panel and tap the corresponding button. For specific Bluetooth issues on mobile devices, see information on Bluetooth on mobile phones.
The next important step is location. On iOS, you can go to Settings > Privacy & Security > Location Services and completely turn off location services or limit it app by app (for example, allow it only when the app is in use). On Android, you can disable system access from Settings > Location > Use location.
You should also check who can access your camera and microphone. Both systems have a menu for Permissions by category (camera, microphone, location, Bluetooth) where you can check which apps have access and revoke it if it's not essential for their main function; also, review and Limit which photos each app sees. if the privacy of your gallery worries you.
In the realm of web browsing, much of the tracking comes through cookies, scripts, and browser fingerprints. Regularly clearing your history, cache, and cookies from Safari (on iOS) or Chrome (on Android) reduces the amount of persistent data they can use for tracking. recognize you and follow you across websites.
Private browsers and VPNs: an extra layer of online protection
To further complicate matters for third parties trying to profile you, you can use specialized private browsers. Some, such as those focused on privacy, incorporate ad blocking, third-party cookies and trackersand enforce the use of HTTPS to prevent insecure connections.
Another very useful layer is a trusted VPN: by encrypting all your traffic and routing it through an intermediary server, Hide your real IP address and approximate location This does not prevent tracking via physical beacons or apps with excessive permissions, but it does reduce advertising tracking based on your connection.
However, it's important to understand that a VPN isn't a magic wand: if you allow an app access to your GPS location, Bluetooth, or microphone, it will still be able to... collect data directly from your device Even though all traffic is encrypted, the underlying issue will always be the permissions and settings of the mobile device itself.
By combining a private browser, regular cookie clearing, and a VPN, you can achieve significantly more discreet browsing, especially useful on public Wi-Fi networks in cafes, hotels, or libraries, where third parties could monitor your activity. spying on your traffic if it's not well protected.
Good security practices so you don't get caught off guard
Beyond specific adjustments, there's a set of habits that make all the difference. The first is not to leave your unattended personal devices and belongings, especially when they are turned on: this prevents someone from having the physical time to plant a beacon or install stalkerware on you.
On your mobile device, always enable biometric authentication (fingerprint or face) and configure a PIN or strong passwordAvoid easy dates or obvious patterns. Reduce the automatic screen lock time to 30 seconds or less so the phone isn't left unlocked on a table.
The same applies to laptops and desktop computers: it's worth using a username and password, and a biometric system if available. lock the session when you wake upEven if it's just for a moment. A few minutes of inattention is enough to install unwanted software.
It's also a good idea to protect app installations: on both iOS and Android you can request that they be protected. Validate each download with a payment method or passwordThis makes it difficult for someone to install software without triggering any issues. On Android, it also disables installation from unknown sources unless you specifically need to and know what you're doing.
Finally, keep your apps updated (at least once a month) and delete the ones you no longer use. The fewer apps you have, the better. less attack surface and fewer third-party SDKs digging into your dataIf you have ever shared passwords with another person or suspect that they may have been compromised, change them and use a password manager with two-step authentication.
What to do if you discover a tracking device or beacon in your belongings
If your mobile phone alerts you to a nearby unauthorized tracker, or you detect strange behavior and then discover a hidden beacon, the first thing to do is try to physically locate the deviceUse the "precise search" options offered by some apps, moving around the area where it might be.
Thoroughly check bags, backpacks, wallets, jackets, and car compartments (under the seats, in the trunk, in the wheel wells, behind license plates or bumpers, etc.). If you're unsure whether the beacon you found is the one the app indicates, check its serial number, either printed on the casing or by scanning it with NFC if the model supports it.
Locating the beacon also helps to rule out innocent or legitimate situationsIt could be a keychain belonging to a family member you live with, a tracker in a car or rented equipment listed on the contract, or headphones you accidentally picked up thinking they were yours.
The situation becomes more complicated when you suspect malicious intent. In contexts of gender-based violence, serious relationship conflicts, or harassment, it is essential to prioritize... physical security above all elseIn such cases, it is usually best not to confront the potential aggressor directly or give them any clues that you have discovered the surveillance.
It is advisable to contact the police or specialized support organizations and agree on how to proceed: they may ask you to Take the beacon to a safe place (but avoiding having it recorded at the police station if that could alert the aggressor) or leaving your own phone at home while you file the complaint.
How to respond if the risk of violence is low
If you believe there is no real risk of physical aggression and you detect a malicious tracker, the most sensible option is usually to hand it over to the security forcesSimply throwing it away or removing the battery may not be enough, because the person who placed it could decide to repeat the action with another device.
In the case of stalkerware, ideally the police or a forensic expert should conduct an investigation first. digital copy of your mobile to preserve potential evidence (activity logs, connections to remote servers, etc.). Once you have gathered this information, you can then remove the spyware using a security solution.
To strengthen your protection, advanced security suites for Android include features such as automatic detection of known stalkerwareAnalysis of suspicious installation files, scanning for nearby Bluetooth devices that keep repeating around you, and permission checkers that alert you when a new app gains access to your camera, microphone, location, or Bluetooth.
Even free versions of some solutions allow you to run regular manual scans, although real-time protection and automatic checks are usually reserved for paid versions. In any case, having an extra layer of protection against intrusive apps is a worthwhile investment if you're concerned about privacy.
All of this, combined with some common sense (limiting what you share on social media, avoiding logging into personal accounts from shared or public devices, and keeping your passwords safe), greatly reduces the chances of someone being able to track your every step via Bluetooth, WiFi or your mobile phone.
Taking care of your phone settings, monitoring which apps you install, understanding how Bluetooth beacons work, and knowing how to react to potential tracking makes all the difference between being an easy target and having control of your privacy. If you dedicate a few minutes to adjusting permissions, checking nearby devices, and adopting good security habits, it will be much more difficult for anyone to secretly spy on you via Bluetooth or other means.
