Secure Florida offers...

  • Security Alerts
  • C-Safe Classes
  • News and Info

create an account

Email
Password
Forgot your password?


Home > Risks > Keyloggers

Keyloggers (Keystroke Loggers)

While keyloggers are not new technology, they pose a continued threat to computer users and businesses. Keyloggers can be used to collect credit card data from point-of-sale terminals as well as user names and passwords from home computers.

"A keylogger is a hardware device or a software program that records the real time activity of a computer user including the keyboard keys they press." (About.com) Some of them can go farther than just recording keystrokes: they can capture screenshots as well.

Hardware
Hardware keyloggers are impossible to detect with an anti-malware scan. In addition, they are small and easily concealable; some even have WiFi capability. High-end models can be purchased online for $150.00, and most are designed to fit inline on a PS/2 or USB cable. Unencrypted card readers on point-of-sale terminals and public shared computers are particularly vulnerable.

Many hardware keyloggers can be rendered useless on computers by inspecting all the cable connections for extra, unexplained connectors, and on point-of-sale terminals by ensuring that card readers transmit encrypted (coded) data.

Software
Software keyloggers are used to target end-users, likely because they are more successful than attempting a large-scale breach of a secured database. While susceptible to anti-malware scanning, these can sometimes slip by some consumer anti-malware software, quietly capturing login credentials for months.

Currently, there are two simple ways to defeat software keyloggers. First, make sure that your anti-malware program is up to date and that you scan your system frequently—every day is not too often. Second, use two-factor authentication whenever it is available. Two-factor authentication significantly lowers the effectiveness of both hardware and software keyloggers.

Two-factor authentication requires that you supply two (or more) of the three authentication factors: a knowledge factor, a possession factor, and an inherence factor.

In other words

  • Something you know (such as a password or PIN)
  • Something you have (such as a swipe card)
  • Something you are (like a fingerprint or retinal scan)

The use of two-factor authentication is gaining popularity as many large web sites offer the feature as an option. Two-factor authentication will likely become increasingly popular as it renders the possession of a stolen password useless without the possession of the second factor.

RSS Feed | About Us | Contact Us | Sign up for The FIPC Dispatch | Sign up for The Beacon | Report a Crime
© SecureFlorida.org

FDLE