How to Detect Spyware on Android (Stalkerware Scan)

    Android can be scanned for stalkerware — here's how to do it properly: run a reputable anti-malware scan, check Play Protect, and review the accessibility and device-admin permissions hidden monitoring apps rely on.

    JDCS
    By Jordan Dickson · Reviewed by CSG Security Engineers

    Updated June 2026 · 4 min read

    Android is a more open system than an iPhone — apps can be installed from outside the Play Store and can be granted deep access to the screen and other apps. That openness is genuinely useful, but it’s also why real stalkerware is more common on Android: anyone who has had your unlock PIN or pattern, or who set the phone up for you, could have installed a hidden monitoring app in minutes. If something feels off, that suspicion is reasonable — and the good news is that, unlike an iPhone, an Android phone can actually be scanned. The only way to know is to look.

    Why a scan really can find it on Android

    On an iPhone, security apps are walled off and can’t inspect the rest of the device, so a ‘scanner’ app there is mostly theatre. Android is different: a reputable anti-malware app is allowed to read the list of installed apps and their permissions, so it can spot known stalkerware and the tell-tale access these apps demand. A scan won’t catch everything — so you’ll also check a few settings by hand below — but on Android it’s a real, worthwhile first move, not a placebo.

    Scan for stalkerware — start here

    Use a well-known anti-malware app with a strong stalkerware track record. Malwarebytes for Android scans your installed apps against a database that explicitly includes monitoring and stalkerware tools, and flags apps abusing high-risk permissions — the category most security apps quietly ignore.

    Scan your Android with Malwarebytes

    Detects stalkerware and monitoring apps, plus the apps quietly holding accessibility or device-admin access.

    Scan with Malwarebytes
    If you buy through this link we may earn a commission, at no extra cost to you. We only recommend tools we’d use ourselves.

    Running the scan, step by step

    1

    Install it from the Play Store

    Open Google Play, search for Malwarebytes, and check the developer shows as Malwarebytes before installing. If you can’t reach the Play Store, that itself can be a sign something is interfering — note it.

    2

    Open it and grant the scan permissions

    On first launch it asks for permission to access your apps and files so it can scan them. Allow it — this is what lets it inspect what’s installed. Decline and the scan can’t do its job.

    3

    Run a full scan

    Tap Scan and let it finish. It checks every installed app, including ones hidden from your home screen, against its threat and stalkerware database.

    4

    Read the results carefully

    Anything flagged as monitor, stalkerware, spyware or riskware is the result that matters here — not the ad-tracker noise. Don’t tap remove yet if you might need it as evidence (see below).

    Check these by hand too

    5

    Run Google Play Protect

    Open the Play Store → your profile icon → Play Protect → Scan. It’s a second opinion built into Android that checks apps for known bad behaviour.

    6

    Review Accessibility access

    Open Settings → Accessibility. Stalkerware leans on this to read your screen, capture messages and log taps. Any app here you didn’t deliberately set up — especially one with a vague or system-like name — is a serious red flag.

    7

    Review Device admin apps

    Open Settings → Security → Device admin apps (wording varies by phone). Monitoring tools grant themselves device-admin rights so they’re harder to uninstall. You should recognise everything listed.

    Found something — and you know who's behind it?

    If this could become a legal matter — a family court case, a protection order — don’t uninstall it yet. Removing the app tips them off and destroys the evidence. Screenshot what you found and get advice on preserving it properly first.
    Get a forensic examination

    Scan came back clean?

    A clean scan is reassuring, but plenty of monitoring on Android needs no app at all — a linked Google account, shared location, mirrored notifications. Those are the next place to look.
    Check your Android settings

    Common questions

    Can I really detect stalkerware on Android myself?
    Often, yes. Because Android lets a security app inspect other apps and their permissions, a reputable scanner plus the manual checks above catches most consumer stalkerware. The exceptions are rare, highly advanced tools — if the stakes are high, a forensic exam is the way to be certain.
    Will the person know I scanned?
    Installing and running a scanner doesn't alert them. Removing what it finds might, because their copies of your data would stop — so if there's any safety risk, plan that step before you take it.
    Should I just factory reset my phone?
    A factory reset clears almost all stalkerware, but it also wipes any evidence and won't stop monitoring that runs through your Google account or a linked device. Scan first, preserve anything you might need, secure your accounts, and only then reset.
    The scan found nothing but I'm still sure — what now?
    Move to the settings checks: linked Google account devices, shared location, notification access and message forwarding can all monitor you without a single app to scan for.

    Was this guide helpful?

    Know someone who needs this? Send them the guide.

    JD

    Written by

    Jordan Dickson

    Founder, CyberSecurityGuides

    Founder of CyberSecurityGuides, writing practical, jargon-free guides that help everyday people recover from and protect against online attacks.

    Reviewed by CSG Security Engineers

    More from Device Security