A global study by Kaspersky’s internal market research center shows that tech-enabled abuse has quietly become one of the most widespread forms of violence in modern life. It is hidden in plain sight, in our closest relationships, and in the devices we carry everywhere. Yet, many don’t recognize it for what it truly is.

Methodology

This research explores the topic of technology-facilitated abuse, examining its prevalence and impact across a diverse range of regions. A total of 7,600 respondents participated in the study. The research covers multiple countries, including Austria, Brazil, China, Colombia, France, Germany, Greece, India, Indonesia, Italy, Malaysia, Mexico, Morocco, Portugal, Russia, Serbia, Spain, the UK and the USA.

What you don’t recognize as tech-enabled abuse

Many forms of tech-enabled abuse are not immediately recognized as such. They are often embedded in everyday digital interactions and can appear routine or insignificant.

For instance, receiving messages that feel intentionally hurtful, having false information about you shared online, or being deliberately excluded from digital spaces or group conversations. Whilst they can be common, these are actions that can be considered tech-enabled abuse.

Tech-enabled abuse is also often termed as "technology-facilitated abuse" or "digital abuse" and, although there is no officially standardized term, it can be summarized as the following:

Tech-facilitated or tech-enabled abuse refers to any form of abusive behavior that is made possible or exacerbated by the use of digital technologies, such as the internet, smartphones, social media platforms, or other electronic devices.

This type of abuse encompasses a broad range of harmful behaviors, including but not limited to cyberstalking, online harassment, digital manipulation, surveillance, and the dissemination of harmful content designed to control, harm, or intimidate the victim.

Unlike traditional forms of abuse, tech-facilitated abuse operates through digital means, allowing the abuser to exploit the anonymity and reach of technology. These behaviors can span multiple digital platforms and often infiltrate both public and private spheres, frequently without the victim’s full awareness of the extent of the abuse. This is a direct consequence of the complexities of the digital world, where privacy and cybersecurity concerns are paramount. In this environment, understanding issues of privacy protection and cybersecurity is crucial, as they form the foundation for safeguarding against the exploitation of digital technologies for abusive purposes.

Tatyana Shishkova

Lead Security Researcher, Acting Head of Research Center Americas & Europe, Global Research & Analysis Team (GReAT)

This type of abuse is often overlooked because it may not come with physical signs, making it harder to identify. But just because it’s hidden behind a screen doesn’t mean it isn’t real. In fact, tech-enabled abuse is often even harder to escape because it follows us everywhere, from within our phones, social networks, and sometimes, in the relationships we trust most.

Technology-enabled abuse is still not widely reconized as a distinct category of harm, in part because there is no shared understanding of what it includes, which this study vividly highlights. This lack of clarity means many experiences go unnamed, unreported, and unsupported. Without a common framework, it remains difficult to measure the scale of the problem or respond to it effectively.

Dr Leonie Maria Tanczer

Associate Professor at UCL Computer Science and Head of the Department’s Gender and Tech Research Lab

The majority have already been there

According to the Kaspersky study, 32% of respondents said that they knew what «technology-facilitated abuse» means. A further 41.8% had heard the term but weren’t sure of its definition — bringing the total share of those at least somewhat familiar with the concept to 73.9%. And 26.1% (more than one in four people) had never encountered the concept at all.

Let’s set that against what people actually reported experiencing; 45.7% of respondents said they had experienced at least one form of tech-facilitated abuse in the past 12 months. Among those who experienced it, the average person encountered not just one isolated incident, but 2.7 different types of abusive behavior.

The gap between these two figures, 32% who are familiar with the term and 45.7% who have experienced it, highlights an awareness gap, suggesting that many individuals may encounter forms of tech-facilitated abuse without recognizing them as such.

While in Austria, France, Italy, Portugal, Serbia, China, Malaysia and Russia respondents on average were less likely to admit being digitally abused, respondents from Brazil, Colombia, Mexico, the USA, Morocco, India and Indonesia have admitted experiencing such incidents more often than the global average. The USA and India are the two countries most susceptible to tech-facilitated abuse: both showed more than three types experienced on average.

While in Austria, France, Italy, Portugal, Serbia, China, Malaysia and Russia respondents on average were less likely to admit being digitally abused, respondents from Brazil, Colombia, Mexico, the USA, Morocco, India and Indonesia have admitted experiencing such incidents more often than the global average. The USA and India are the two countries most susceptible to tech-facilitated abuse: both showed more than three types experienced on average.

A spectrum, not a single thing

One of the reasons tech-facilitated abuse remains so underrecognized is that it is treated as a single phenomenon when it is actually a wide spectrum which stretches from behaviors so common, they feel ordinary, all the way to forms of surveillance and exploitation that most people don’t know are even technically possible.

At the visible, normalized end of that spectrum sit the behaviors that most people have either experienced or participated in without thinking much of it.

Some of the threats associated with technology-facilitated abuse, such as stalking and doxxing, have been are notorious in the world of cybersecurity, spreading in the form of illegal software and being openly offered as services on dark web platforms. These illicit services allow individuals to engage in harmful activities such as harassing others, exposing their private information, or engaging in malicious surveillance. The Kaspersky Digital Footprint Intelligence team conducted an analysis of recent activity on dark web forums to better understand the landscape of these threats and the scope of services offered.

The team found that the most frequently encountered examples were related to doxxing, the act of publicly revealing or publishing private information about an individual without their consent. These doxxing services vary in terms of cost and services offered. While some of these solutions are available for free, others are priced between $50 and $4,000, depending on the level of detail and the methods used to gather and expose sensitive information. In certain cases, more advanced services were offered, such as data extraction from surveillance cameras and complete tracking of an individual’s activities. These specialized services could be obtained for a starting price of around $500.

tablet
tablet
tablet
tablet

In addition to paid services, some individuals on the dark web were soliciting advice on how to stalk or blackmail. These users sought guidance on how to target former partners or acquaintances, indicating the pervasive and personalized nature of such threats. Many sought instructions on how to use technology to manipulate or harm others without necessarily engaging in an outright transaction.

The presence of both commercial offers and peer-to-peer guidance on dark web forums suggests that technology-facilitated abuse is becoming increasingly normalized in certain spaces. When harmful actions are packaged as services or shared as «how-to» advice, it significantly increases the risk of such behavior spreading beyond technically skilled actors. Moreover, the publication of such offers and the exchange of information on dark web platforms complicate efforts to control and monitor the dissemination of these services, making it harder to prevent their widespread use.

Alexandra Fedosimova

Junior Digital Footprint Analyst

This alarming prevalence of doxxing and stalking services on the dark web directly ties into the growing issue of stalkerware. In the recent years stalkerware has become a significant form of technology-facilitated abuse, and its impact is far-reaching, as it enables perpetrators to track, spy on, and manipulate their victims without their knowledge.

Stalkerware refers to tools — software programs, apps and devices — that enable someone to secretly spy on another person’s private life via their mobile device. The abuser can remotely monitor the whole device including web searches, geolocation, text messages, photos, voice calls and much more. Such programs are easy to buy and install. They run hidden in the background, without the affected person knowing or giving their consent. Regardless of stalkerware’s availability, the abuser is accountable for using it as a tool and hence for committing this crime.

Term by Coalition Against Stalkerware
https://stopstalkerware.org/

Kaspersky continuously monitors the evolving landscape of stalkerware and related threats. The key findings for 2024–2025 are as follows:

More than 34,000 users were affected by stalkerware. Throughout the last five years, this figure reached 127,000 users worldwide.

Kaspersky identified 33 previously unseen stalkerware families, demonstrating the continued development activity in this space.

Kaspersky detected affected users in over 160 countries. Russia, Brazil, and India continued to rank as the top three most affected countries in 2025, consistent with prior years.

TrackView remained the most widely detected stalkerware family in both 2024 and 2025, affecting 7,221 users.

Eyezy — a newer commercial stalkerware product — entered the global top 10 in 2024, affecting 1,335 users throughout the reported period.

Methodology

The data in this report is based on aggregated threat statistics gathered from the Kaspersky Security Network, which processes cybersecurity-related data streams from millions of anonymous volunteer participants worldwide. The statistics reflect unique mobile users impacted by stalkerware, distinct from the total number of detections. The number of detections may be higher because stalkerware could have been identified multiple times on the same device if the user did not remove the app after receiving a notification.

In many cases, survivors are advised by support organizations to leave the stalkerware in place to avoid alerting the perpetrator to the discovery. Lastly, the statistics pertain solely to mobile users who have Kaspersky IT security solutions installed. Some users may be using different cybersecurity solutions, while others may not use any protection at all.

Stalkerware, which can be easily downloaded and installed by anyone with an internet connection, allows perpetrators to remotely access a victim’s smartphone from anywhere. This software enables the invasion of privacy by not only tracking the victim’s activities but also by granting access to vast amounts of personal data. Depending on the specific stalkerware used, perpetrators can monitor everything from the device’s location and text messages to social media conversations, photos, browser history, and more. Since the software operates in the background without being visible, most victims remain completely unaware that their every move and action is being monitored. That’s why it is highly important to know how to identify such activity and what to do if users suspect stalking activity against them.

Tatyana Shishkova

Lead Security Researcher, Acting Head of Research Center Americas & Europe, Global Research & Analysis Team (GReAT)

Recommendations for potential victims of stalkerware

Consider using trusted security tools to help detect potential threats. For example, Kaspersky’s Who’s Spying on Me feature (available in Android apps) can identify stalkerware, suspicious apps with monitoring capabilities, and even unknown Bluetooth devices that may be used for offline tracking. Such tools can alert you to software that may be secretly accessing sensitive data, including your location, messages, call history, browsing activity, or keystrokes.

Do not immediately remove suspected stalkerware, this may alert the perpetrator and escalate danger. First assess your situation and contact a support organization.

Use a safe device (one you trust is unmonitored) to contact support services, search for resources, or communicate about your situation.

Look for warning signs: unusually fast battery drain, unexplained data usage, newly installed apps you do not recognize, or the «Unknown sources» setting being enabled.

Protect your accounts with strong, unique passwords. Change them on a device you know is clean.

Contact a domestic violence or stalkerware support organization for individualized guidance. Find your nearest via the Coalition Against Stalkerware website.

Victims of stalkerware may be part of a larger cycle of abuse. Any decision to remove software or change device settings should be made with awareness of potential physical risk. Always prioritize your safety first.

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.