Posted on 02/28/2006 1:16:19 AM PST by neverdem
Most people who use e-mail now know enough to be on guard against "phishing" messages that pretend to be from a bank or business but are actually attempts to steal passwords and other personal information.
But there is evidence that among global cybercriminals, phishing may already be passé.
In some countries, like Brazil, it has been eclipsed by an even more virulent form of electronic con — the use of keylogging programs that silently copy the keystrokes of computer users and send that information to the crooks. These programs are often hidden inside other software and then infect the machine, putting them in the category of malicious programs known as Trojan horses, or just Trojans.
Two weeks ago, Brazilian federal police descended on the northern city of Campina Grande and several surrounding states, and arrested 55 people — at least 9 of them minors — for seeding the computers of unwitting Brazilians with keyloggers that recorded their typing whenever they visited their banks online. The tiny programs then sent the stolen user names and passwords back to members of the gang.
The fraud ring stole about $4.7 million from 200 different accounts at six banks since it began operations last May, according to the Brazilian police. A similar ring, broken up by Russian authorities earlier this month, used keylogging software planted in e-mail messages and hidden in Web sites to draw over $1.1 million from personal bank accounts in France.
These criminals aim to infect the inner workings of computers in much the same way that mischief-making virus writers do. The twist here is that the keylogging programs exploit security flaws and monitor the path that carries data from the keyboard to other parts of the computer. This is a more invasive approach than phishing, which relies on deception rather...
(Excerpt) Read more at nytimes.com ...
I don't bank online so I'm not worried about that but I was wondering if programs such as AVG (which I use) will find these programs.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
When typing critical data into a Windoze application, use the mouse to move around in the fill-in-the-blank, and enter the characters in a random order.
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
So long as the *uxes remain in a decided minority that will be true.
Any *ux that is dummy-friendly enough to displace Windows, will be about as promiscuous.
Could you give an example of both?
SSN: 123456789
type 5
mouse in front of the 5
type 2
mouse after the 5
type 9
etc.
A quick google search turned up some antikeylogging software. Any recommendations on which one works?
(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")
Oh for pete sake get real....
Better yet, just get Linux, where the installation of an executable can't happen without your knowledge and cooperation.
Even if you deliver it, its not exectable till you MANUALLY set it as such.
Its been found that people too dumb to realize the risk of running untrusted software are also too dumb to figure out how to set untrusted software to be executable on linux.
Ok, standing back and waiting for all the posts telling me how windows is the be all and end all. No doubt typed by people running windows behind two firewalls, one antivirus, and three anti-spyware programs.
Computer security ping
My comprehensive list of fully-automatic and free (for home use) protection is:
AVG Antivirus from Grisoft
ZoneAlarm firewall
Spybot Search-and-Destroy (including TeaTimer)
SpywareBlaster(even if you don't bother to manually update it)
Microsoft Anti-Spyware (yeah, really)
I use several other products, including Ad-Aware, but you can install and set up the above and, assuming you haven't already been hit with malware, be safe by setting them to operate completely automatically. I personally don't see the problem with actually clicking on a security program once in a while, but because certain fans of non-Windows operating systems believe that they can be secure without doing anything, I enjoy showing Windows users how they can do the same.
If you're serious you use Trusted Solaris, Tru64, HP-UX BLS, or some other hardened system.
Those systems generally cost bundles of money and run on specialized hardware that costs bundles more.
After that comes OpenBSD. It's probably the most secure OS generally available for commodity hardware today.
Linux (depending on the version), OSX, and the other BSDs come in after that.
Then the not-so-secure distros of Linux (like Linspire).
And Windows at the bottom.
But practically speaking, yes, running Linux or MacOS is so much more secure than running Windows that they are the utlimate in security.
The one without a built-in keylogger.
What kind of fool would trust the same company that wrote that buggy, total seive of an operating system in the first place write an Anti-Spyware program?
My god man, get a clue.
…the smart thing is to use them if at all possible.
Mothers don't let their mothers use Windows - especially for banking.
One reason Windows sells so well is that the user doesn't need to know squat about the operating system to install something new. See a cute new program? Whee, here we go, one click, none of this save to and chmod business.
In response, there are Linuxes now that habitually run as root. They are dummy friendly. And dangerous.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.