Solved

Can cell phone tracking be initiated by opening a text?

Posted on 2016-09-08
15
84 Views
Last Modified: 2016-09-14
Greetings,

Recently I received a text from a person I recognized but who was not in my contacts.  Despite the fact they were not in my contacts, their full name was in the body of the text along with a blank avatar and the words "Follow locations" or "Follow local", I can't remember eactly.

Within an hour after receiving and deleting that text I received a text from the same person saying, "why are you tracking me?"

At this point I'm trying to figure out all the possiblities of what's going on.  Some of my questions are:

1)  Can such a text actually initiate tracking in either direction?
2)  Is it possible the text would give the sender the ability to track my phone rather than theirs?
3)  If tracking was actually initiated, how could the tracking be terminated in either direction?
4)  If I disabled the GPS functionality on my phone, would that prohibit tracking of my phone?
5)  If my phone was tracking the phone that texted me, how would that user be aware of such a thing?

In other words, if somebody installed an app on the sender's phone without them knowing, how would that ultimately manifest to the user of that phone?

I decided to wipe my phone and reinstall the factory image/settings just in case something was installed.  However, I'm wondering if by accepting the text to "follow" the sender's phone, my number is registered to follow regardless of what I do to my phone.

Thanks in advance.
0
Comment
Question by:John500
  • 6
  • 5
  • 3
  • +1
15 Comments
 
LVL 34

Expert Comment

by:Michael-Best
Comment Utility
You are being targeted by a fraud or spammer.
Just delete and ignor any such spam mail.
You are not being tracked or hacked unless you have opened any malicious emails.
0
 

Author Comment

by:John500
Comment Utility
Thank you Michael for the input.

I have not opened any emails on this phone related to this person.  However, I am very interested to understand just exactly what type of text includes the full name of the person and an avatar in the body of the text along with the words "follow locations".

I know the name was acurate for the phone because I know the person.  If it was an ordinary text, only the phone number would be displayed with the text.  There is something more to this kind of text.  I'm hoping somebody can provide a reference to explain this kind of text.

Thank you
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
1)  Can such a text actually initiate tracking in either direction?

NO, for average mobile users.

YES, for someone has privileges to access your mobile peovider's databases and cell stations. once a mobile phone is powered on, the phone will register at a cell station near by, the phone number, SIM number and phone's IMEI are all associated with the satiation telling the network you are in a reachable distance to station. as every station has its fixed geographical location, your approximate location can be locked. basically that's how a mobile phone roams and works in a network.

2)  Is it possible the text would give the sender the ability to track my phone rather than theirs?

as explained above. only privileged users or the authority can do that, and must be by law.  

3)  If tracking was actually initiated, how could the tracking be terminated in either direction?

turn off the phone and remove the battery.

4)  If I disabled the GPS functionality on my phone, would that prohibit tracking of my phone?

GPS may provide a more accurate info about where you are, but as explained above, even without GPS equipped or enabled, your mobile provider is still able to locate you, at least roughly in a certain area depending on the coverage of the associated station.  

5)  If my phone was tracking the phone that texted me, how would that user be aware of such a thing?

as an average mobile user, without installing an app or authorising the OS on the sender's phone, you can't trace other users.

> In other words, if somebody installed an app on the sender's phone without them knowing, how would that ultimately manifest to the user of that phone?

the user may hardly notice that except the user is experienced and has some utilities to detect it. e.g. unusual data usage by a unknown app or process, the phone's WiFi router is well firewalled and logged against any network activities etc.
0
 

Author Comment

by:John500
Comment Utility
Bing,

Thanks much for the detail!

Can you venture a guess as to why the text took the form that it did?  This was not an ordinary text.  It contained:

1)  an empty avatar in the body of the text
2)  with the full name of the sender (whom I know) in the body of the text
3)  with the text - "Follow locations"?  

I greatly appreciate that you handled the theory as to why this was likely not some sort of tracking.  However, I'm still left wondering.  

I know the sender's number therefore I know the name.... but this number is not in my contacts so I shouldn't have seen a name, just the number and not in the body of the text.  Thus, the question begs - why would the text come with an empty avatar and full name of the person?  I wish I could associate this type of text with some sort of application.

Thank you!
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
if possible, can you better share a screenshot of the message that made you worried? you may mask any private information that matters.
0
 

Author Comment

by:John500
Comment Utility
>>  can you better share a screenshot of the message ...

Unfortunaltly I deleted the text thinking it had something to do with enableding tracking......

I will create a very good replica using Paint and then post it
0
 
LVL 41

Accepted Solution

by:
Jackie Man earned 250 total points
Comment Utility
MMS
Are you using Android phone?

If yes, do you use the default Messaging app?

If yes, the default setting is Auto retrieve which means if you think it is text message (SMS), it might be a Multimedia Message (MMS) which is a combination of text and picture which will be auto retrieve by default.

What is the problem?

There can be a script which is hidden behind the picture when you read, i.e. see the message. Then, your phone is tracked or hacked.

Actually, no one tell you to disable auto retrieve if you use the stock messaging app and it is a trap for every Android phone user.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
I am aware of the above as my interests is on computer, smartphone and I read a lot of related stuff.
0
 

Author Comment

by:John500
Comment Utility
Jackie Man,

Yes, I am using and Android and yes I use the default messaging application.

You agree by wiping the phone with factory image that the problem no longer would exist - yes?

When you say "auto retrieve". what do you mean?  Messages will be sent from my phone to another phone?  If yes, you mean that all future messages or a download of archived messages?

Thank you!
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
auto retrieve is to automatically open the picture in a message when you click it

Besides, have you installed antivirus software in your phone?
0
 

Author Comment

by:John500
Comment Utility
I have the Samsung Galaxy Amp Prime.  It is a very new phone and I'm sure it must have antivirus.

I shut off the auto retrieve feature.   Regardless, do you agree by setting the phone to the factory image, anything that was installed is wiped?  

In other words, could a virus somehow obtain my approval for some activity that would register my approval to keep coming back to the phone remotely or does the virus need to be installed on my device?

Thanks again!
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
do you agree by setting the phone to the factory image, anything that was installed is wiped?  

Yes

http://www.pcworld.com/article/2953052/security/most-android-phones-can-be-hacked-with-a-simple-mms-message-or-multimedia-file.html

If you still work, do a double wipe of your phone.
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 250 total points
Comment Utility
> do you agree by setting the phone to the factory image, anything that was installed is wiped?  

if you later receive another suspicious message, will you hard reset your mobile phone again? will you always repeat resetting the phone every time you see something suspicious? i doubt this.

be aware that once (i mean IF) your phone has been hacked by a message or something similar, deleting that message in rush doesn't help as the suspicious or malicious code might have been executed and stayed. instead, keeping the record as evidence or hint does help the investigation. to avoid further data leaking, you may simply disable data connections including mobile data and Wi-Fi, or remove the SIM card from the phone.

therefore, if it were me, i would not reset the phone in rush, and will investigate what actually happened and why. i still prefer seeing that message instead of guess too much. BTW, are you sure it is a text message (SMS or MMS), not an email?

> http://www.pcworld.com/article/2953052/security/most-android-phones-can-be-hacked-with-a-simple-mms-message-or-multimedia-file.html

regarding the report, i notice it is news in 2015. what's your Android version? is your device fully updated and patched?
0
 
LVL 41

Expert Comment

by:Jackie Man
Comment Utility
It is a good idea to dig out the hack if it is not the only phone you have.

Your phone should be running Android 6.

But...

There are unknown exploit and if you have taken precaution, you should be fine after you have done a reset.

http://www.wired.co.uk/article/stagefright-android-real-world-hack
0
 

Author Closing Comment

by:John500
Comment Utility
Thanks guys!!
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now