Thursday, April 26, 2012

Keyloggers and How to Defend Yourself

This article will discuss the negative impact of keyloggers. While there are many positive uses of this software, I will focus on the negative side, since I am a security consultant.
Keyloggers are simple programs that record keystrokes made on a keyboard. They have legitimate uses, such as parental controls and employee monitoring. But they can also be used for malicious activities, like recording keystrokes from someone logging into their bank account. This particular form of hacking is becoming widespread, and is now considered to be the number one way information is stolen. Keyloggers can be installed virtually undetected. Many perpetrators are using them in ads, so that when a person clicks on the ad, the software installs itself. Another popular way to install a key logger is through email. The email can be worded so enticing that the receiver will open the attachment, thus installing the software unnoticed.
How can a person protect themselves from this software being used for malicious purposes? Education and reinforcement of safety measures can help reduce key logger crimes. Most anti-virus software now comes with signatures for known keyloggers, so scanning the email before opening it is very important. Companies can educate their employees by reinforcing the need to be careful when using email, and to run a virus check on any attachments before opening. The following list provides some safety measures anyone can use to protect themselves:
  • Do not click OK on pop-up windows without first reading them thoroughly
  • Never open spam e-mail
  • You should pay for software instead of opting for the free, advertising supported version; never click on links in e-mail you receive from an unknown source
  • Type the URL into your Web browser
  • Do not open e-mail attachments from an unknown source
  • Use a firewall to help prevent any unauthorized computer activity
  • Run a weekly, full system anti-virus computer scan
If you are not sure whether a key logger is installed on your machine, you can use the virtual keyboard that comes with the Windows system. A virtual keyboard is a program that shows a keyboard on the screen, and the keys can be pressed by using a mouse. This can help keep the keystrokes from being noticed by the software. It is not a guarantee, but can be helpful. Another method that can help secure your account would be to use a one-time password. Using a one-time password can help minimize losses if the password is intercepted because the password generated can be used only one time. The period of time a password can be used is limited, so even if a one-time password is intercepted, the thief will not be able to use it to gain access.

No comments:

Post a Comment

Application Server

Application Server The application server is a framework, an environment where applications can run, no matter what they are or what funct...