Keyblogging and Identity Theft 101

Keyblogging is not that new, but the threat it poses to your privacy is growing. Here's a simple example. Could this have happened to you? If so, you should read this entire Washington Post article.

When Graeme Frost received an e-mail notice that an expensive digital camera had been charged to his credit card account, he immediately clicked on the Internet link included in the message that said it would allow him to dispute the charge. As the 29-year-old resident of southwestern England scoured the resulting Web page for the merchant's phone number, the site silently installed a password-stealing program that transmitted all of his personal and financial information.

Still not concerned?

Keyloggers are fast becoming among the most prevalent and insidious online threats: More than half of the viruses, worms and other malicious computer code that Symantec now tracks are designed not to harm host machines but to surreptitiously gather data from them. In fact, none of the victims interviewed for this story were aware their computers had been seeded with the invasive programs until contacted by a washingtonpost.com reporter.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#1)
    by Quaker in a Basement on Thu Mar 16, 2006 at 10:26:03 PM EST
    If you're running Windows, you should visit the Windows update website on the second Wednesday of every month. That's when MS posts the new critical updates.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#2)
    by BigTex on Thu Mar 16, 2006 at 11:33:10 PM EST
    Throwing this out to get y'all's opinion on this. Since most of these offenders are outside of US jurisdiction, and therefore we can't physically seize their computers (assuming there is some judgment against them and they do not comply) what about changing current law so that their machines can be erased? This won't stop the problem, but at least if they were hacked into and their data destroyed it would mitigate the damage they did.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#3)
    by Talkleft Visitor on Fri Mar 17, 2006 at 12:02:30 AM EST
    If you're running Windows, you should get a Mac. Even if you count the controversial "hacks" reported for Mac OSX in the last few weeks, the malware score works out to be 70,000 to 3 in Mac's favor. Vista beta has already been attacked.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#4)
    by Talkleft Visitor on Fri Mar 17, 2006 at 12:46:34 AM EST
    Key L ogging.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#5)
    by Talkleft Visitor on Fri Mar 17, 2006 at 12:47:46 AM EST
    And it's not perfect and never will be, but if you're running Windows, use Firefox instead of IE.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#6)
    by scarshapedstar on Fri Mar 17, 2006 at 12:59:06 AM EST
    I wish spam filters would start tossing out links that appear to go to one site but actually link to another.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#7)
    by Talkleft Visitor on Fri Mar 17, 2006 at 01:16:24 AM EST
    If you're running Windows, you should get a Mac.
    The biggest security advantage the Mac has is the fact that almost nobody uses them.
    I wish spam filters would start tossing out links that appear to go to one site but actually link to another.
    My Macintosh email program lets me look at the real address. I have a Bayesian spam filter, SpamSieve, which appears to be able to pick up on those details - if I train it properly, which I sometimes don't.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#8)
    by Primus on Fri Mar 17, 2006 at 01:23:32 AM EST
    Some comments...
    Quaker:
    If you're running Windows, you should visit the Windows update website on the second Wednesday of every month.
    Second Tuesday of every month, not Wednesday.
    scarshapedstar:
    I wish spam filters would start tossing out links that appear to go to one site but actually link to another.
    The current version of Mozilla Thunderbird actually does a pretty good job of doing this. Since I upgraded to version 1.5, every phishing e-mail I've gotten has been flagged with a big yellow warning sign and a message saying "Thunderbird thinks this message might be an email scam." at the top of the message. Just picked up another bogus Chase one right now.
    Some common sense will stop almost all situations like these. No bank, credit card company, financial institution or stock company will send things like this out via e-mail. No matter how real it looks, don't click on the links. If you've got any doubts, call your bank/whatever via the phone numbers you've got in your wallet or statements. Don't use a number in the suspect e-mail. They'll be happy to talk to you about this, because it's their money and their reputation on the line too.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#9)
    by roy on Fri Mar 17, 2006 at 05:56:07 AM EST
    If you're running Windows, you should turn on Auto Update so you don't have to remember when the critical updates come out.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#10)
    by Edger on Fri Mar 17, 2006 at 06:14:32 AM EST
    Virus scan and spyware scan your computer daily. Personally I use F-prot antivirus - it's fast and doesn't slow your machine down. AdAware will catch most all spyware. Use a firewall so you'll know when any program tries to use your internet connection. Sygate is a good free one.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#11)
    by nolo on Fri Mar 17, 2006 at 07:45:04 AM EST
    I've been using Firefox and Thunderbird at home for a while now, and the only time that my regular spyware scans pick up anything is when I have to switch to IE for some reason. All those tracking cookies . . . sheesh. For spyware protection, I've been using Trend Micro as my proactive defense, and regular scans with the free version of AdAware to cover all the bases. I'm very happy so far. But all of that aside, I have to make one point that seems like it should be obvious. Don't click through the links provided in an email!!! Even if you think the e-mail is legit!!! Just don't. Instead, open your browser of choice independently from the email and access the provider's secure webpage directly. If the e-mail is legit, you can deal with the problem or question after logging in directly to the secure site.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#12)
    by Talkleft Visitor on Fri Mar 17, 2006 at 08:52:23 AM EST
    All comment software on all blogs should have a filter that would instantly delete any post in which a Mac user smugly tells stressed Windows users that they can solve their problems by switching to a Mac.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#13)
    by Talkleft Visitor on Fri Mar 17, 2006 at 09:09:08 AM EST
    I think the implicit statement was "If you're running Windows (and want fewer security problems), get a Mac," not "If you're running Windows (and seek the solution to all of life's troubles), get a Mac." The former statement is objectively true at present, though there is no guarantee it will always be that way. As for the latter statement, Homer Simpson taught us that alcohol is "the cause of, and the solution to, all of life's problems." Throwing technical weight behind this argument, there's no reason why you can't write a keylogger for Mac OS X - in fact, I think several of them exist for your own benefit, as the kind of utilities that say "recover any of your work if you forget to save it," etc. There have been no known cases of such things being installed via an attack on a Macintosh, but that doesn't mean it can't happen. The only real point is that it happens every day on Windows, and to date, not at all on the Macintosh. No one's promising it will stay that way, but ignoring the facts as they exist today because you don't like them, well, that's cakewalk thinking, isn't it?

    Re: Keyblogging and Identity Theft 101 (none / 0) (#14)
    by jimakaPPJ on Fri Mar 17, 2006 at 12:38:47 PM EST
    Matt - Very well said. ;-) DavidD - Better said. ;-) I had a Mac, at one time. It proved the old straw: Great software and lousy hardware. Perhaps they've solved their hardware problems. Perhaps not.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#15)
    by Joe Bob on Fri Mar 17, 2006 at 04:52:06 PM EST
    I can personally reaffirm the recommendation of Mozilla Firefox. I've had far, far fewer problems with spyware, etc. after abandoning Internet Explorer. Sadly, I think it's an analogous situation to that of Macs. It's not that Firefox is immune to hacking, it's just that not many people have gotten around to trying it yet. I'm sure once it gains in popularity the problems IE is notorious for will migrate over.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#16)
    by Talkleft Visitor on Fri Mar 17, 2006 at 08:00:52 PM EST
    There's a typo in the title; you mean "keylogging", not "keyblogging".

    Re: Keyblogging and Identity Theft 101 (none / 0) (#17)
    by Talkleft Visitor on Fri Mar 17, 2006 at 08:09:23 PM EST
    BigTex writes:
    Throwing this out to get y'all's opinion on this. Since most of these offenders are outside of US jurisdiction, and therefore we can't physically seize their computers (assuming there is some judgment against them and they do not comply) what about changing current law so that their machines can be erased? This won't stop the problem, but at least if they were hacked into and their data destroyed it would mitigate the damage they did.
    Sorry, but I don't think that's a workable idea. Spammers and virus writers usually cover their tracks pretty well, and they often falsify information (e-mail headers, etc.) to make it look like the bad stuff is coming from some innocent third party. If such a system were in place, it would be as likely to erase your computer (or, far worse, mine) as the bad guy's.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#18)
    by Talkleft Visitor on Fri Mar 17, 2006 at 09:17:20 PM EST
    I'm on a PC, using Norton AV, and running a spyware scanner that's bundled into the Yahoo toolbar. I use Windows Update (auto DL mode). I'm not stupid about phishing mail. Yahoo's spam blocker catches most of the spam before I see it, and prevents images from displaying until I say so. Is there anything else I really ought to be doing beyond that?

    Re: Keyblogging and Identity Theft 101 (none / 0) (#19)
    by Talkleft Visitor on Fri Mar 17, 2006 at 09:18:25 PM EST
    Oh yeah. I'm behind a firewall (in my router).

    Re: Keyblogging and Identity Theft 101 (none / 0) (#20)
    by Johnny on Sat Mar 18, 2006 at 06:26:33 AM EST
    Is there anything else I really ought to be doing beyond that?
    Maintain one email account solely for signing up for stuff that does not require verification... That will be your primary spam filter account. Maintain a second email account for signing up for stuff that requires a verification, like a blog or forum you like to visit. Maintain a third email account just for your personal correspondence, and threaten everyone on your address book with painful cyber death if they include your email address in any mass-forwarding chain mail letters, and on-line quizzes, any online joke-forwarding services, etc. This will keep you from a lot of spam, without configuring fancy pants filters. Of course, combine a good filter with multiple emails, and you are in like flynn. PS... (If Macs were not priced 2x what they are worth, and if people developed software for the platform at the rate they develop for Windoze, and if you could get AutoCAD for Mac, and if they could use an AMD processor, they might not be such a bad machine. As it sits, the huge premium for having an apple on your monitor is not worth the "security"... Use good security software and develop good internet habits, you won't need an overpriced, limited platform like Macs to enjoy the WWW....;)

    Re: Keyblogging and Identity Theft 101 (none / 0) (#21)
    by Sailor on Sat Mar 18, 2006 at 12:01:26 PM EST
    If Macs were not priced 2x what they are worth, and if people developed software for the platform at the rate they develop for Windoze
    I've never had a Mac desktop break down, (one of them has been running 24/7 for almost 10 years now.) Our secretaries at work can set them up securely out of the box and on the network before the IT folks can get 2 winXP machines hardened enough to be hooked up to the net. And most every bit of *nix software can be easily ported if it hasn't been already. The reason they don't get broken into is not the market share, since they have the same substrate as FreeBSD there are actually more servers on the net than windoze. They are more secure because they come with the default networking ports off; windoze comes with them on. And a whole lot more open ports so M$ can 'help' you. My job requires me to keep our lab machines, split about evenly between WinXP and OS X, secure and on the net 24/7. If I didn't also have to do research this would be great job security as the WinXP machines take about a day a week to keep updated and virus free. My server logs show that I have hundreds of attacks a week on my Mac web and fileservers. Not a single success so far.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#22)
    by Johnny on Sat Mar 18, 2006 at 04:10:34 PM EST
    That's fine Sailor, but a Mac still costs twice as much out of the box, for limited upgradeability, configurability, software options, hardware options, etc etc. Good for the business side, bad for the home side.

    Re: Keyblogging and Identity Theft 101 (none / 0) (#23)
    by Sailor on Sat Mar 18, 2006 at 06:28:00 PM EST
    that's fine johnny, devote your time to hardening your machine against random jpegs infecting it, I'll be devoting my time to research improving your vision.