Keyloggers

A keylogger is a small program that sits on your PC quietly capturing each key you press on your keyboard. It either logs each keystroke to a file, or sends it off somewhere on the internet.

It’s used to spy on people. By capturing keystrokes your login and password can be revealed, as well as other confidential information. And usually they’re what’s known as “stealthy” programs - most of the time you wouldn’t know it’s there.

Where do they come from?

There are quite a few keyloggers available. Most are written by hackers (the bad kind). A few are written by commercial software companies (more on that below). 

Are they legal?

Usually no. They’re used as spyware to capture your passwords which is illegal in most places.

How can you detect them?

Use a good anti-spyware program. Most antivirus packages come with this feature these days, others are available separately. There are free ones too. Search Google for current a list.

But there’s another kind of keylogger that you can’t detect this way. You can buy a little plastic device that plugs in between your keyboard and your PC. Since it’s directly connected to the cable hanging off your keyboard it can detect every key stroke and record it. Someone has to have physical access to your PC to install it (and to later remove it). You need to look at the back of your PC where the kayboard plugs in to detect it. Search here for a list of these devices.

News

Recently a US court has looked at a commercial keylogging company called CyberSpy and decided it’s illegal. They’ve ordered CyberSpy to stop selling their software (called RemoteSpy). Unfortunately there are too many alternatives for people keen on spying and stealing passwords. More on this here.

Fake Survey Emails

A fake email has been sent claiming that JP Morgan Chase (a financial services company) will pay you $50 for filling in a survey. Sounds tempting, except that the link they want you to click on does not take you to the real JP Morgan Chase’s web site.

Instead it takes you to a fake web site with a form asking you a few questions (the form looks like a real survey). At the end it asks you for your full name, credit card number, expiry date, and PIN number! This kind of trick is known as phishing. Any information you enter here is collected and eventually used to steal money from people’s accounts.

The idea is to entice you with filling in a survey by promising a reward ($50), making their site look like it’s from a large company, then collecting private information that you really shouldn’t be giving out to anyone.

The email reads:

Online Survey - Add 50$ to your account in 2 minutes!

Dear Customer,

You are invited to take part in our nation-wide 5 question survey. Your time is very important to us so $50 will be credited to your account upon the completion of this survey.

Please note that no sensitive information will be required, collected or stored. The information will be used to further improve our services

To take part please click here

So if you see any emails like this just delete them. Also keep in mind that a good anti-virus package can often detect you’re going to a fake web site and stop you.

Key Duplication

Here’s an interesting use of technology to copy someone’s keys (the metal kind that opens doors). It works with someone taking a hi res photo of your keys, then enhancing the image enough to make a template for someone to cut a copy of a the key.

What kind of photos will work?

Useful photos can be found on photo sharing web sites (such as Facebook or Flickr). This is a passive way for someone to find an image of your keys.

Another tactic is for someone to target you with a camera phone, taking photos of your keys while you hold them. Or with a camera and a telescopic lens, from 200 feet away as the article below suggests.

This isn’t really a new trick, but the software to do all the hard work is new. Technology like this only gets better so it’s time to learn how to protect yourself.

Some tips:

• If you upload photos showing your keys then take the time to blur the keys first. This is similar to how you would blur your car number plate, or a credit card
• Don’t display any keys in public. It wouldn’t be hard to obscure them with your hands
• If you have a choice (such as when purchasing a car) opt for something that uses RFID chips embedded in the keys (many cars have this these days)

Read more about the technique here, and read the full paper here.

• About

  Read the latest articles shown on the left, and use the options below to search for past articles. FraudO.com is committed to educating all users on the dangers of the internet and how to avoid them.

• Email Subscription

  Enter your email address:

  Delivered by FeedBurner

• Recently Written

  • A New Year
  • Fake Twitter Site
  • Mobile Spy on iPhone
  • Critical Update for Internet Explorer
  • RSS Move
  • Fake hi5 Requests
  • Congratulations You Won
  • Opening Documents
  • Multi Function Anti Malware Toolkit
  • Malicious Firefox Add-On

• Categories

  • Admin (8)
  • Antivirus (36)
  • Backups (5)
  • Fraud (48)
  • General (79)
  • hoax (7)
  • Identity Theft (27)
  • Malware (83)
  • News/Media (42)
  • Phishing (7)
  • Privacy (11)
  • Scams (60)
  • Security (98)
  • Software (66)
  • Statistics (16)
  • Uncategorized (3)

• Archived Articles

  Select Month January 2009  (2) December 2008  (10) November 2008  (3) October 2008  (7) September 2008  (5) August 2008  (11) July 2008  (17) June 2008  (8) May 2008  (17) April 2008  (23) March 2008  (22) February 2008  (20) January 2008  (31) December 2007  (17) November 2007  (21) October 2007  (11) September 2007  (5)

• Meta

  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

• Spam Blocked

  8,272 spam comments

  blocked by
  Akismet

• Stats