The term Keylogger refers to a program used by criminals to steal your information.
Keyloggers work by quietly recording everything you type, including your online accounts, passwords, and credit card information. The keylogger will then send all this information to the criminal who can then use the information to drain your bank accounts, commit fraud using your account, or even steal your identity and open new accounts in your name.
This lens will focus on Keyloggers and show you how to protect yourself from them.
I found Squidoo too limiting for everything I needed to do to make this topic really shine. Jump over to Mac Keylogger Protection for a high-resolution experience for Mac users.
Good vs. Evil
In theory, keyloggers can be used for perfectly legitimate purposes.
One example would be if your company required manual entry of form data. In this case you could use a keylogger to help measure how effective each individual employee was.
Another lawful use of keyloggers would be to keep a close eye on your children and their online activities.
Sadly, while there are good uses for keyloggers, they are more often than not used by criminals and pranksters to exploit their victims.
One example would be if your company required manual entry of form data. In this case you could use a keylogger to help measure how effective each individual employee was.
Another lawful use of keyloggers would be to keep a close eye on your children and their online activities.
Sadly, while there are good uses for keyloggers, they are more often than not used by criminals and pranksters to exploit their victims.
Defenses
There are several defenses available to you to thwart keyloggers. Each item is explanded on below.
- Prevent keyloggers from being installed.
- Detect that you have been infected.
- Avoid typing sensitive information with automatic form fillers.
- Prevent keyloggers from 'phoning home'.
Prevention
The first line of defense is to prevent keyloggers from being installed in the first place.Most keyloggers are spread thru viruses and worms, so it is important that you setup a firewall.
Other keyloggers can be installed locally using a USB key. The thief installs the USB key and then removes it along with the recorded data. You must therefore always be aware of what is plugged into your machine.
Detection
You should frequently review all the programs that are running on your machine. Perform a Google search for any program that you don't recognize. Most often it will be a program that you want to keep running, but it might be a keylogger or other trojan.Keyloggers and other trojans usually attach themselves by modifying your system settings. TripWire is an excellent utility that will alert you whenever your machine configuration changes.
Spyware detection tools are also good at detecting and cleansing known keylogger programs.
Automatic Form Fillers
Automatic form fillers are normally thought of as time saving devices. While this is true, they are incredibly effective at thwarting keylogger attacks.The way it works is the autofill program is responsible for logging you into your websites and typing your credit card information. The good autofill programs never use the keyboard nor the clipboard.
Automatic form fillers are available for the Mac and Windows. On Mac, try the 1Passwd password manager and form filler. On Windows, give RoboForm a go.
Preventing "Phone Home" Requests
Most keyloggers eventually send the data that they collect to their master by connecting to the internet. This is referred to as "Phoning Home".
You can use a network monitor (also known as a reverse firewall) to detect when this request is made and prevent it.
You can use a network monitor (also known as a reverse firewall) to detect when this request is made and prevent it.
by dteare
David is a longtime Windows user who is accustomed to malware. Having moved to Mac, its clear Mac users are ripe for being attacked. Shiel... (more)
