Fingertip Fraud - 5 Ways To Defend Against Keystroke Loggers
Tue, Aug 26, 2008
When you type something on your computer keyboard can you be sure that you are the only one who reads your words?
Even if you appear to be alone your privacy may not be intact.
WHAT IS A KEYSTROKE LOGGER?
A keystroke logger is one of the most dangerous forms of spyware.
Dangerous because not only can it snoop on your computer-related activities but because it can also relay all that you do back to a remote computer.
From there, the owner of the keylogger can likely discover your name, address, credit card and bank account numbers, Social Security number,…, you get the picture.
A keystroke logger can give so much information about you away that identity theft will be just around the corner.
Of course keystroke loggers are not a new phenomenon - they have been around for a great many years.
However, with all the other threats to be found online, such as scams, spam, viruses, etc, key loggers are no longer at the forefront of people’s minds.
Considering the devastation they can inflict, they should be!
3 TYPES OF KEYSTROKE LOGGER
Here’s a brief description of the types of keystroke logger that you may encounter -
Windows Hook
Windows operating systems have an in-built function called ‘SetWindowsHookEx’.
As you may be able to guess, this function monitors key strokes.
Whilst there are legitimate uses for this function, a hacker could utilise it for their own nefarious purposes if given the opportunity.
Kernel / Driver Loggers
This type of keystroke logger is, perhaps, the hardest to detect.
A kernel logger will receive information directly from an input device, such as a keyboard, via the operating system.
Such a logger can be used to read key strokes and is often executed at the beginning of the boot sequence, before anti-spyware programs, allowing it to remain undetected.
Hardware Loggers
A hardware logger is a physical device that is usually places between the computer and it’s keyboard.
Typically, it will be small enough to go undetected for some time.
A hardware logger may be a surefire way to capture key strokes, though physical access to the target machine is quite obviously required for installation to be successful.
5 WAYS TO DEFEND AGAINST KEYSTROKE LOGGERS
The following 5 basic and common sense tips should help you avoid having a keylogger installed onto your system -
- Scan your entire system for viruses and spyware on a regular basis
- Question the origin of every email you receive, even if they appear to be from friends
- Never, ever, open email attachments unless you are 100% certain they are safe
- Always have a firewall running to block unauthorised traffic
- Avoid clicking on pop-up windows on websites
Spyware is an ever-increasing problem, and one which may surpass viruses as the biggest threat and nuisance in the online world.
It may well be worth investing in a quality anti-spyware package to bolster your defence against keyloggers as well as a whole host of other undesirable side effects of the world wide web.
Loading ...
Great information and tips!
Keystroke logging is one of my biggest worries out of all the spyware and viruses out there. I have a firewall, two spyware programs and a virus scanner. The firewall is always on and I run the spyware and virus scanner programs weekly.
Recently, my virus scan reported that a .dll file was a keystroke logger. I started panicking and started to think about all the information that I needed to change while also wondering if it was too late to even bother. I then calmed down and did some research. Fortunately, in this instance it was a false positive. The .dll in the particular program I was running had the same name as the keystroke logger but was not logging anything.
Likewise, a keystroke logger would be my biggest fear too due to all the data I have and use on my pc.
Even if one got on my system I think I have enough other security measures in place, but you can never be too careful.
Are you sure virus scanning once per week is enough? I run mine twice per day, every day.
Why so often? I’m not really doing anything that would cause a virus such as opening attachments or downloading questionable files. Plus, it takes forever to scan both hard drives. I could do it overnight but I don’t like to leave my computer on when I’m not using it.
I also very rarely use Internet Explorer. Not using that browser is one of the first steps in protecting yourself. Actually, not using Windows at all is also good protection
I use Firefox most of the time but have IE on my system for the odd occasion where using it is necessary.
I run scans so often because my kids computers are on the network and they are totally reckless in what they run and download on their machines.
I always scan once whilst I’m at work and once when I’m asleep so I never notice how long it takes.
I’ve not turned my computer off since I built it!
Since your kids use your computer, your frequent scans make sense. I am the only one who uses my computer.
What program do you use for virus scanning?
I do use IE occasionally for sites where is necessary - it is usually related to streaming video. For example, Sentanta Broadband will run in Firefox but almost always crashes. Are you familiar with the Firefox extension, IE tab? It opens a Firefox tab that is actually IE but you don’t have to open IE - saves time and makes you feel like you aren’t using it.
I’m torn about leaving my computer on all the time. I find when I turn it off I use less electricity. Also, in the summer it is really hot in my apartment when I’m not at home and I worry about the heat and humidity affecting the computer. But, I suppose if I left it on more frequently then I could run more frequent scans.
Ok - I am starting to ramble. For some reason I am exhausted today and it is making me a little loopy.
I use and assess various types of anti-virus software but at the moment I have the latest edition of AVG running.
I didn’t know about the IE tab for Firefox, I’ll have to grab that as I too have problems with video crashing my browser at times.
I know what you mean about being tired - I’ve worked day time hours the last few days and it has totally mangled my brain
I use the latest AVG as well. I don’t like it as much as earlier versions - it works fine but it’s bloated now.
What do you use for Spyware? I run both Adaware by Lavasoft and Spybot Search and Destroy.
Ugh - changing shifts is hard. I don’t know why I was so tired. Plus my allergies have kicked in so I was tired, congested and cranky. I ended up going to bed at 9:30 and sleeping a solid 8 hours - feel like a new person today.
I mainly use Adaware for detecting spyware but have tried many others too in the name of research.
I slept for almost 12 hours last night and am still tired
I took a resolution this year that I will spend less time on the comp, so my comp is virus-free!
Seriously though I always had Norton its working fine so far
I wish you didn’t spend less time on the computer.. I miss you!