• Credit
• Data Breach
• Fraud
• Identity Theft
• Other News
• Privacy
• Reviews
• Scams
• Tips
• Truston

« Previous Post | Blog Home | Next Post »

The next big threat after phishing--key loggers

Posted on Mar 1, 2006 by Tom Fragala

Over at the blog The Make Money Fast Hall of Humiliation, the author wrote about another threat for PC users called key logging. A key logger is a piece of software—a Trojan horse—that copies keystrokes you type in with the goal of capturing sensitive data like user names and passwords. Of course, you’d have no idea it was doing this. Then the software would transmit that data over the internet to a central database where the thieves would use it to crack into user accounts of almost any kind.

Let me emphasize—key loggers are not new. They have been around (or at least technically possible) as long as we’ve had PC’s widely available. Key loggers would likely be sent as an attachment or piece of software that appeared to be benign or useful, fooling you into thinking they were safe. The most clever key loggers would hide in the background, capture data and then remove themselves from your PC. This would be a truly dangerous threat—a key logger that removed itself before your anti-virus software had time to detect it—but not before it compromised sensitive data. If I was a “black hat”, I’d write a key logger that captured online bank logins before the US banking industry implements the mandatory two-factor authentication that will be required, I believe by 2007. What a remarkable and nightmarish opportunity for international hackers and crime rings, operating in countries that are difficult for US law enforcement to penetrate. Key loggers and Trojans should be detectable by anti-virus software, in theory, as long as you are getting near real-time updates of your virus definitions.