Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

New Windows 11 Phone Link feature could easily be abused by cyberstalkers

Windows 11 debuted "Phone Link," a feature that allows iPhone owners to view notifications on their Windows computers — but it may pose a significant safety risk.

Announced in April, Microsoft's Phone Link does something that Mac users have done for years — use their computer to text and make phone calls.

While the feature is far from perfect, there are a fair amount of people with iPhones who use Windows PCs as their primary computer who appreciate the cross-platform integration.

However, as security app developer Certo Software points out, Phone Link has more than surface level issues.

As it turns out, it's very easy for a cyberstalker to install the app on someone's phone without their knowledge.

It only requires brief physical access to the victim's phone, which is used to scan a QR code and pair it with a Windows 11 machine. Once set up, there are no obvious signs that the victim's data is being shared.

From that point forward, the cyberstalker can view all new incoming iMessages, records of phone calls, and phone notifications.

This type of intimate cyberstalking has harrowing implications — it could easily be used by abusive partners, parents, or friends to monitor a victim's whereabouts.

Certo Software suggests that you routinely check what Bluetooth devices your iPhone automatically pairs with. Then, if you don't recognize one, you can unpair your device by following the steps below.

  1. Open Settings
  2. Tap Bluetooth
  3. Tap the icon next to the unknown device
  4. Tap Forget This Device

Likewise, you should always monitor which apps have been installed on your phone. Apple's App Library features a section dedicated specifically to recently added apps.

As a reminder, iOS 16 introduced a feature called Safety Check, which allows users to review and manage what information is being shared with other people and apps.



2 Comments

beowulfschmidt 12 Years · 2361 comments

Dooofus said:
I find it hard to believe an app could be installed on someone's phone without their knowledge by simply gaining physical access to their device. In 2023, if you leave your phone wide open without some form of password-based or physical authentication, you get what you get, but who even does that?


The type of people who would use this for such stalking either already have the level of trust with the victim that would allow them access, or exerts enough control over the victim's activities that they could easily get the access.  As to why a potential victim would allow such access, that's a discussion best moved elsewhere; there are reams of information available on how abusers control their victims all over the web.