When we hear the word “spy,” we usually think of Cold War era, cloak-and-dagger spies. But in the digital age when we say someone is “spying” on you, we’re talking about online. And someone is almost certainly spying on you.

What kind of online spies are there?

There are four main categories of online spies: The government, cybercriminals, internet service providers (ISPs), and advertising networks. 

Government

We know, via leaked documents, that the National Security Administration (NSA) collects your private data, including email, messages, any traffic passing through the undersea fiber optic cables, and some cellphone locations outside the United States. This is all perfectly legal, by the way.

And, of course, the U.S. government isn’t the only government that spies on its citizens. China is perhaps the most famous — and the most overt — when it comes to government moderation of citizen’s online activity, but governments on every continent employ methods for spying on their people.

Cybercriminals

Cybercriminals utilize a range of techniques to spy on people and collect their information. One is insecure Wi-Fi connections, usually in the form of public Wi-Fi. Because these networks are accessible to anyone, cybercriminals can set up a variety of attacks to spy on you and steal your information.

With a man-in-the-middle attack, criminals intercept the data you send between your device and the ISP. With Wi-Fi-sniffing, they grab a bunch of data and then sift through it to pick out the things they want. And, sometimes, they plant malware on the Wi-Fi connection, which then gets onto your device and sends them information. 

Another way cybercriminals gain access to your information and device in order to spy on you is via phishing attacks. Phishing is when cybercriminals utilize information about a person to trick them into handing over personal information — like passwords or social security numbers or bank login info — or to get them to download malware via infected files. 

Phishing is often done via emails that appear to be from someone a person knows, like a spouse or boss. The emails may make it seem like the person is in trouble and needs money, for example, or may seem like a normal — but time sensitive — request from a boss. Some phishing emails convince people to hand over private information willingly, while others include links that lead to infected files being downloaded to the victim’s computer. 

ISPs

Internet service providers (ISPs) collect and, in some cases, monitor all of the information that is sent over their networks. Some compile anonymous browsing logs and sell them to advertising companies. And all ISPs are required to hand over logs of user activity if compelled to by law enforcement. Yikes.

Advertising networks

Advertising networks use something called cookies to track your progress across the web. Every time you view one of their ads, they’re sent a cookie. This enables them to track your browsing history and deliver more — and theoretically better targeted — ads.

What can you do to protect yourself from spies online?

If that list creeps you out, don’t freak out yet. Luckily, there are ways you can protect yourself against online spies. 

1. Utilize a VPN

VPN stands for virtual private network. It’s a network of devices connected to each other and a remote server via the internet. When you connect with a VPN, your device exchanges “trusted keys” with the network, which creates a secure connection. All of the data sent over a VPN is encrypted, meaning it’s safe from spying eyes.

VPNs allow for private browsing, as well as protection against thieves who are trying to steal your data or governments who are trying to spy on you. They also protect against spying ISPs.

2. Install and use security software

Security software identifies and protects you against malware, which can be used to spy on you. Get a quality security software and make sure to keep it updated.

3. Don’t open links in emails without double checking

It’s a hassle, but always double check with the sender of an email before opening any links, especially if they look shady. Use a different communication method — like the phone or a text message — to ensure you’re not communicating with a cybercriminal instead.

4. Disable third-party cookies

You can keep advertising companies from tracking you by disabling third-party cookies on your browser. Here’s how to do it on some of the most popular browsers.

5. Use ad blockers

Ad blockers also keep advertisers from tracking you around the web and spying on you. (Plus, they mean you don’t have to see annoying ads!)

So, yes, someone is definitely spying on you. But you have the ability to take back at least most, if not all, of your privacy.

Updated on November 15, 2022, with new updates and information.