A new scam gaining popularity among criminals involves “key logging.” Key logging software records everything that is typed on your computer, including password information, and sends the information to an outside party. The unwanted software, sometimes referred to as “spyware,” “adware” or “key logging software,” usually infects a computer in the form of a virus attached to an e-mail or other type of download. Many times, these downloads are bundled with free program offers. If you click to install a free program and click “Agree” to the End User License Agreement without reading it fully, you may be unknowingly granting permission to download spyware along with the free program.
Some signs that your PC may be infected by unwanted software include:
- A slowing of your computer, both offline and online
- An unexpected increase in unsolicited e-mail or messages sent without your knowledge
- Strange browser behavior, such as increased pop-ups or unexplained changes to your home page settings and Web site favorites.
To lessen your risk of key logging, avoid downloading software from sources that you do not know and trust. Also, make sure you have up-to-date antivirus protection installed on your PC. Antivirus software provides protection against viruses that compromise your computer’s security. Once installed, make sure you keep your antivirus software updated.
Man in the Middle (MIM)
Man in the middle attack intercepts communication between two systems and is a form of active eavesdropping. The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).
A man-in-the-middle attack can succeed only when the attacker can impersonate each endpoint to the satisfaction of the other—it is an attack on (or lack of) mutual authentication. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MIM attacks. For example a bank demands authentication from the user: a password, a one-time code from a token. The attacker sitting in the middle receives the request from the bank and passes it to the user. The user responds to the attacker, who passes that response to the bank. Now the bank assumes it is talking to the legitimate user, and the attacker is free to send transactions directly to the bank. This kind of attack completely bypasses any two-factor authentication mechanisms, and is becoming a more popular identity-theft tactic.
Unlike phishing, “pharming” scammers don’t lure their victims with emails. Instead, malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent – even if the user types the correct address into their browser or uses an existing bookmark for their bank’s website. Once on the fraudulent site, the user will be asked to submit confidential information and the attackers will capture this information for illegal use.
So how can users protect themselves? If you’re going to enter confidential information on a Web site, first check to be sure the site has a valid certificate from a service such as VeriSign®. Click on the padlock icon in the browser’s status bar to see the certificate, and check to be sure the name on the certificate matches the Web site. As always, customers should run anti-virus and anti-spyware software and update their computers with the latest security patches and a firewall. If you notice something suspiciously different about the way your internet banking site is functioning, call the bank to verify that you are using the correct site.
Tab napping is more sophisticated than phishing scams and doesn't rely on persuading the user to click on a link to a scammer's Web page. Instead, it targets internet users who open lots of tabs on their browser at the same time. It works by replacing an inactive browser tab with a fake page set up specifically to obtain personal data - without the user even realizing it has happened.