Across town, a man went to prison for embezzling, a crime he adamantly denies doing. The jury didn't hesitate to convict him. He was the only person who knew corporate bank account numbers and passwords.
Even more unsettling, a promising college student has no money to pay his tuition. His personal bank account is suddenly empty. His parents assert that he spent their hard-earned cash on a girlfriend rather than paying for his education.
These types of stories are commonplace. It's easy to judge and condemn these individuals for bad behavior. Sadly, the true culprit could be a form of malware, instead of unseemly behavior.
Malware is a generic term coined by computer professionals to describe software engineered with a malicious intent. Malware infiltrates a computer without the owner's consent. The perceived ill will of the code's creator is the reason it receives the designation of malware.
All malware invades, disrupts and causes harm to the affected computer. Classic symptoms of contamination include poor computer performance and sudden computer rebooting. Examples of malware include computer viruses, spyware, worms, Trojan horses, dishonest adware, crimeware, keyloggers and more.
Spyware, also a generic term used by computer professionals, describes software engineered to perform surveillance. Not all spyware is ill-intended. Most spyware exists to monitor web-browsing habits. When visiting compromised websites, users unwittingly download the spyware. A surprising number of websites, even well respected ones, embed a form of spyware into their code. The software's purpose is to monitor and report marketing information back to advertisers and companies. This is how the term adware arose. Commonly referred to as a data-mining program, this type of spyware is relatively harmless. Its biggest potential effect is slowing the performance of a contaminated computer.
Keylogger software comprises the biggest threat to computer security. This surveillance software records each keystroke the user makes and writes it to a log file. Keyloggers can record instant messages, email, account IDs and even passwords. Of great concern is banking and online bill-pay information.
Once recorded, a cyber-crook receives the ill-gotten data. The vehicle of transmission is the unsuspecting user's own internet connection. Once received, the thief sifts through the data and uses the information to drain the victim's bank accounts, access email accounts and more.
Users can contract a keylogger through several methods. Some viruses carry this form of spyware within their code. However, the most common form of contamination comes from clicking on email attachments or email-embedded links. Once clicked, the keylogger is loaded onto the computer. A new innovative hacker technique hides the keylogger in an mp3 file or delivers it through a XSS (Cross Site Scripting) attack.
XSS attacks are the injection of malicious scripts into web pages. Clickjacking and Code Injection are common forms and names of an XSS attack. When this type of onslaught happens, access to sensitive page content, session cookies and personal information occurs by circumventing the normal browser client-side security. In simple terms, the malicious code masquerades as a website and tricks the browser into allowing access.
Many erroneously assume that antivirus antispyware software keeps their PC safe from these malware threats. Antivirus and antispyware apps work in similar ways. Both require regular updates to definitions and signature databases. Days and weeks can pass from the time a new signature or definition occurs and the manufacturer releases an antivirus and antispyware software update. More time loss occurs between the actual downloading of the update and the user implementing a virus and spyware scan. When considering malicious forms of spyware, this lost time leaves the user vulnerable to identity theft and innumerable loss of sensitive information. Anti-keylogger software fills the gap and proactively blocks keylogging software's access to the system by encrypting all keystrokes the user makes.
So what do you really need to protect your PC? There is no single solution. Internet connected computers need a comprehensive security plan.
Firewalls are the user's first line of defense. A firewall protects the PC from outside intruders. Firewalls can take the form of software or hardware. To learn more about software vs. hardware Firewalls please view our learning center article Hardware Firewalls vs. Software Firewalls.
Traditional antivirus and anti-spyware security software protects the computer from Trojans, viruses, worms, adware and spyware. Frequently, these programs are bundled into a single software offering called a suite. Keeping these applications updated and performing regularly-scheduled system scans adds another level of internet security. Disabling these security apps or failing to perform updates and scans will leave a user vulnerable to the majority of internet-related threats.
Our Antivirus Software Review and Our Antispyware Software Review site provides objective side-by-side comparisons of software in these categories.
No approach to computer security is complete unless it addresses a possible keylogger contamination. This type of application is difficult to detect. Antivirus and anti-spyware software frequently misses the presence of a keylogger on the computer. Personal and business losses can mount when a keylogger runs unchecked on a PC.
Selecting a robust and reliable anti-keylogger application is a critical element of any computer security plan. Our top-rated anti-keylogger app is Zemana AntiLogger. To view other highly-rated products in this category please visit our Anti-Keylogger Software Review site.
Ensuring that your favorite browser and operating system are up to date with current versions, patches and updates are vital elements of computer security. Finally, be thoughtful of the information stored on the computer. Never store credit card numbers, bank account IDs, passwords and other sensitive information on your PC. Doing so leaves an individual open for internet exploitation and disaster.