Keylogger

From WOT Wiki
(Difference between revisions)
Jump to: navigation, search
m
Line 1: Line 1:
A Keylogger is program or file that has been executed to record all of the keystrokes a computer user makes. Once a computer user has been infected with a Keylogger, it will continue to run in a hidden manner, and report all the information that is being input into the computer, and this is sent back to the hacker or some other hidden third party. After the computer hacker has compiled enough information using the Keylogger, they might use this information to access bank accounts or log into online email addresses, and send [[Spam]]. [http://www.brighthub.com/computing/smb-security/articles/8488.aspx]
+
A Keylogger is a program or file that has been executed to record keystrokes a computer user makes. Once a computer user has been infected with a Keylogger, it will continue to run in a hidden manner, and report all the information that is being input into the computer, and this is sent back to the hacker or some other hidden third party. After the hacker has compiled enough information using the Keylogger, they might use this information to access bank accounts or log into online email addresses, and send [[Spam]]. [http://www.brighthub.com/computing/smb-security/articles/8488.aspx]
  
  
 
== Dangers of Keyloggers ==
 
== Dangers of Keyloggers ==
  
Dangers of malicious Keyloggers are that they trap information before it can be encrypted. For example, banking websites (should) provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type a username and password, the Keylogger is recording those keystrokes, bypassing any and all security measures. Keyloggers not only have the ability to trap usernames and passwords, but credit card numbers, bank account numbers, private passwords for encrypted files, financial records, email and other [[Personally Identifiable Information (PII)|PII]]. [http://www.wisegeek.com/what-is-a-keylogger.htm]
+
Dangers of malicious Keyloggers are that they trap information before it can be encrypted. For example, banking websites (should) provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type your credentials in, the Keylogger is recording those keystrokes, bypassing security measures. Keyloggers not only have the ability to trap login credentials, but credit card numbers, bank account numbers, private passwords for encrypted files, financial records, email and other [[Personally Identifiable Information (PII)|PII]]. [http://www.wisegeek.com/what-is-a-keylogger.htm]
  
  
 
== Protecting Yourself from Keyloggers [http://www.wisegeek.com/what-is-a-keylogger.htm] ==
 
== Protecting Yourself from Keyloggers [http://www.wisegeek.com/what-is-a-keylogger.htm] ==
  
* Install top-notch Anti-virus and Anti-spyware software on your system, preferably programs that help to prevent Keyloggers and watch for Keylogging activities. Although this does not guarantee you will not get a Keylogger, but it can help by recognizing and removing known Keylogger signatures.
+
* Install top-notch anti-pestware software on your system, preferably programs that help to prevent Keyloggers and watch for Keylogging activities. Though this won't guarantee you will not get a Keylogger, it can help by recognizing and removing known Keylogger signatures.
  
 
* Regularly check the processes running on your system looking for anything that doesn’t belong. In Windows® systems you can use Task Manager to view running processes. Third party applications are also available that will not only show you which processes are running, but will provide a direct link to information online regarding the nature of the process.  
 
* Regularly check the processes running on your system looking for anything that doesn’t belong. In Windows® systems you can use Task Manager to view running processes. Third party applications are also available that will not only show you which processes are running, but will provide a direct link to information online regarding the nature of the process.  
Line 15: Line 15:
 
* A firewall commonly does not provide Keylogger protection, but can alert you if a program is trying to send information out to the Internet. By stopping this action you can prevent a thief from retrieving a log, and be alerted to the possible presence of a Keylogger.  
 
* A firewall commonly does not provide Keylogger protection, but can alert you if a program is trying to send information out to the Internet. By stopping this action you can prevent a thief from retrieving a log, and be alerted to the possible presence of a Keylogger.  
  
* Other methods to ‘confuse’ a Keylogger include typing extra letters or numbers when entering secure information, then highlighting the characters that do not belong and entering a legitimate character to replace them. You can also use a browser with a form-filler function that will keep usernames and passwords securely on your system, and fill them in automatically when you enter a site, without forcing you to use the mouse or keyboard. Additionally, there are programs that scan for Keyloggers, but they can detect legitimate processes as well, making it difficult for the average person to make real use of these tools.
+
* Other methods to ‘confuse’ a Keylogger include typing extra letters or numbers when entering secure information, then highlighting the characters that do not belong and entering a legitimate character to replace them. You can also use a browser with a form-filler function that will keep usernames and passwords securely on your system, and fill them in automatically when you enter a site, without forcing you to use the mouse or keyboard. There are also programs that scan for Keyloggers, but they can detect legitimate processes as well, making it difficult for the average person to make real use of these tools.

Revision as of 19:51, 7 March 2012

A Keylogger is a program or file that has been executed to record keystrokes a computer user makes. Once a computer user has been infected with a Keylogger, it will continue to run in a hidden manner, and report all the information that is being input into the computer, and this is sent back to the hacker or some other hidden third party. After the hacker has compiled enough information using the Keylogger, they might use this information to access bank accounts or log into online email addresses, and send Spam. [1]


Dangers of Keyloggers

Dangers of malicious Keyloggers are that they trap information before it can be encrypted. For example, banking websites (should) provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type your credentials in, the Keylogger is recording those keystrokes, bypassing security measures. Keyloggers not only have the ability to trap login credentials, but credit card numbers, bank account numbers, private passwords for encrypted files, financial records, email and other PII. [2]


Protecting Yourself from Keyloggers [3]

  • Install top-notch anti-pestware software on your system, preferably programs that help to prevent Keyloggers and watch for Keylogging activities. Though this won't guarantee you will not get a Keylogger, it can help by recognizing and removing known Keylogger signatures.
  • Regularly check the processes running on your system looking for anything that doesn’t belong. In Windows® systems you can use Task Manager to view running processes. Third party applications are also available that will not only show you which processes are running, but will provide a direct link to information online regarding the nature of the process.
  • A firewall commonly does not provide Keylogger protection, but can alert you if a program is trying to send information out to the Internet. By stopping this action you can prevent a thief from retrieving a log, and be alerted to the possible presence of a Keylogger.
  • Other methods to ‘confuse’ a Keylogger include typing extra letters or numbers when entering secure information, then highlighting the characters that do not belong and entering a legitimate character to replace them. You can also use a browser with a form-filler function that will keep usernames and passwords securely on your system, and fill them in automatically when you enter a site, without forcing you to use the mouse or keyboard. There are also programs that scan for Keyloggers, but they can detect legitimate processes as well, making it difficult for the average person to make real use of these tools.
Personal tools