How to protect yourself from Keyloggers
My suggestion to all is always try to avoid accessing your bank accounts or mailbox from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security threat to users. Keyloggers mean not just Trojans, but commercial keyloggers as well.
What are key loggers ?
Key Loggers are software or hardware tools that capture the user’s keystrokes from keyboard. This can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. But, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data.
I want to let all of you know how to protect yourself from keyloggers. Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Of course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for the hacker.(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.)
Types of Key Loggers
We’ll be dealing with two types of keyloggers: software and hardware keyloggers.
- Software keyloggers are complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity, etc. So our best bet is to scramble the keystrokes smartly.
- Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases.
How to confuse and avoid the software keyloggers ?
Let’s say we have to enter a password ‘hello’.
- Click the password box, type any random key. Select the entered random key with the mouse and type h. So we entered the first letter of the password.
- Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key e.
In this case we managed to enter 2 unwanted characters as against one in the first step.
Continue in a similar way to finish typing the password. You can choose any number of random characters between your password.
So the keylogger will log something like:
Note how we deleted the unwanted characters without using back space key or delete key also mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infact any order.
This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too.
One more alternate way for Microsoft users is to use one utility that comes with Windows is:
– On-Screen Keyboard (osk.exe) also “Virtual Keyboard”
You can launch this by any of the following ways:
- clicking start->run… and type osk then hit enter. OR
- clicking start-> programs – > accessories – > accessibility – > On-Screen Keyboard
- Alternatively, you can open c:\WINDOWS\system32 folder in Windows explorer and double click osk.exe
I think you now know what to do with this. Go to the password box, then start using mouse to click the keys you find on the On-Screen Keyboard. This way the keylogger will record only clicks.
I personally use On-Screen Keyboard (osk.exe) also “Virtual Keyboard” to enter password to logging my bank accounts.
Another way is utilizing the browser’s search bar or address bar to camouflage the password.
For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method.
How to find the hardware key loggers ?
Hardware key loggers are easy to find. They are devices which is attached in between keyboard and cpu junction. If you are really suspicious about them just check the back side of cpu and find if something is fishy. The images will give you a better idea.
Hardware key loggers are easy to find. They are devices which are attached between keyboard and CPU junction. If you are really suspicious about them just check the back side of CPU and find out if something is wrong. The images will give you a better idea.
Do share the link to all your friends.
If you have more tricks up your sleeve. just pass it on by posting a comment. i will add those to the same article.
1924 readers are already subscribed to this blog! Why don't you be one of them? Subscribe to this blog via your favorite RSS feed reader or by entering your email address on the form below: