How to Protect Yourself Against Keyloggers
By Saumya Sinha
Keyloggers are one of the most well known and feared security threats on computers today.
They're feared because they are generally hard to detect, and because the damage they do is
often meant to extend beyond the infected computer. Keyloggers are usually programs, specifically
spyware programs, installed in your PC through internet. You may have downloaded a file from
torrent, and away from your realization and notification, they get installed in your system.
However, the question is, are Key loggers harmful? These programs record every stroke that
is made over the keyboard of a computer, where it has been installed. So, it is now easy to
gain the data like passwords, usernames, bank details, credit card number and other such data
from the computer. Now, the question is how do these keyloggers get installed on your computer?
As said earlier, keyloggers can get downloaded, if you download a file especially with
torrent clients. Moreover, the social networking sites are one of the easiest and regular targets
of malware developers, like the keylogger, and you can easily get into the trap set by these
sites. One of your friends, who may or may not be a victim of keylogger attack, sends you a
link over the social networking site. As you trust your friend, you will simply click on the
link, and bingo! The keylogger gets installed.
There are cases where public computers like libraries and other such places have been
attacked by the keyloggers and the data of the users of those computers have been stolen and
used for various purposes. One of the chief purposes of stealing your personal data is for
financial transactions.
There are many ways to protect against keyloggers, however, and ensure that you don't
become a victim of identity theft or must deal with any lesser hassle, like a hijacked World
of Warcraft account. While no defense is perfect, these steps improve your chances.
1. Use A Firewall
In most instances, a keylogger has to transmit its information to a third party in order
for it to do any harm. This means sending information out of your computer via the Internet.
Although a very close examination of your network usage might reveal a keylogger, you can't
count on that as a means of monitoring for them. The bandwidth taken up by recorded keystrokes
is virtually undetectable in a broadband world.
A firewall is a great defense against keyloggers because it will monitor your computer's
activity more closely than you ever could. Upon detecting that a program is attempting to send
data out, the firewall will ask for permission or display a warning. Some firewall software,
such as ZoneAlarm, provides you with the option of shutting down all inbound and outbound data
completely. The use of a firewall can't guarantee protection, but it's an important line of
defense that should catch most threats.
2. Install A Password Manager
Keyloggers work well because they're simple. They just take raw information - keystrokes
- and ship them out of your computer to a third party. The information they send doesn't have
to take up much bandwidth, and it can be logged quickly without any apparent performance impact
on the target PC. Most users infected with a keylogger will never know it unless an account
or credit card is hijacked.
One weakness of keyloggers, however, is the fact that you can't keylog what isn't typed.
That's where automatic form filling becomes useful. If a password is filled in automatically
by your PC, without any keystrokes, the password will only be susceptible to keyloggers the
very first time you type it.
All the major web browsers have this feature baked in and will ask to store your password
information the first time you type it. Some computers ship with software that offers this
functionality throughout the entire operating system.
3. Keep Your Software Updated
Being proactive about your computer's security is always a good idea, and the most important
part of a proactive defense is keeping software updated. Keyloggers, like most variants of
modern malware, can exploit software vulnerabilities to inject themselves into your system
without you, and in some cases your antivirus, being any the wiser. Adobe Flash, for example,
has had issues with remote code execution exploits in the past. A malicious website could use
such an exploit to install a keylogger on your PC.
Exploits are being found in software all of the time. Even Microsoft Windows and Mac OS X
are routinely patched to take care of critical exploits. If you don't update your system you
will be leaving it open to all sorts of attacks that could otherwise have been avoided. Yes,
making sure all of your software is up to date can be a pain, but consider the alternative.
This is an easy, proactive remedy that will stop most attacks before they can start.
|