What The Keylogger Can Do

A keylogger is a program that runs in your computer’s background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them. For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.

Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

* Undetectable in the process list and invisible in operation
* A kernel keylogger driver that captures keystrokes even when the user is logged off
* A remote deployment wizard
* The ability to create text snapshots of active applications
* The ability to capture http post data (including log-ins/passwords)
* The ability to timestamp record workstation usage
* HTML and text log file export
* Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its keylogging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

Is Somebody Phising For Your Identity?

Who hasn’t received an email directing them to visit a familiar website where they are being asked to update their personal information? The website needs you to verify or update your passwords, credit card numbers, social security number, or even your bank account number. You recognize the business name as one that you’ve conducted business with in the past. So, you click on the convenient “take me there” link and proceed to provide all the information they have requested. Unfortunately, you find out much later that the website is bogus. It was created with the sole intent to steal your personal information. You, my friend, have just been “phished”.

Phishing (pronounced as “fishing”) is defined as the act of sending an email to a recipient falsely claiming to have an established, legitimate business. The intent of the phisher is to scam the recipient into surrendering their private information, and ultimately steal your identity.

It is not at easy as you think to spot an email phishing for information. At first glance, the email may look like it is from a legitimate company. The "From" field of the e-mail may have the .com address of the company mentioned in the e-mail. The clickable link even appears to take you to the company's website, when in fact, it is a fake website built to replicate the legitimate site.

Many of these people are professional criminals. They have spent a lot of time in creating emails that look authentic. Users need to review all emails requesting personal information carefully. When reviewing your email remember that the "From Field" can be easily changed by the sender. While it may look like it is coming from a .com you do business with, looks can be deceiving. Also keep in mind that the phisher will go all out in trying to make their email look as legitimate as possible. They will even copy logos or images from the official site to use in their emails. Finally, they like to include a clickable link that the recipient can follow to conveniently update their information.

A great way to check the legitimacy of the link is to point at the link with your mouse. Then, look in the bottom left hand screen of your computer. The actual website address to which you are being directed will show up for you to view. It is a very quick and easy way to check if you are being directed to a legitimate site.

Finally, follow the golden rule. Never, ever, click the links within the text of the e-mail, and always delete the e-mail immediately. Once you have deleted the e-mail, empty the trash box in your e-mail accounts as well. If you are truly concerned that you are missing an important notice regarding one of your accounts, then type the full URL address of the website into your browser. At least then you can be confident that you are, in fact, being directed to the true and legitimate website.

Parental Peace of Mind

The advent of the Internet, in some respects, made the job of parenting a little harder. We want our children to experience the vast wealth of knowledge available on the Internet and communicate with their friends online (frees up the telephone). Unfortunately, it also potential exposes our children to inappropriate material, obscene pop-up ads, and even sexual predators. In fact, research indicates that 1 in 5 children aged 10 to 17 have received a sexual solicitation over the Internet. This is definitely not something any parent wants to hear, but is forced to face.

We need a little assurance that when our children access the web, they can do so safely. Internet filters are crucial to protect your children. One tool that can assist us in this goal is Internet Parental Control software. One of the top names in parental control software is ContentWatch, and if the Big Mouse himself recommends this product, then it has to be good. If Disney feels good enough to install three of the ContentWatch products in their Disney Dream Desk PC, it has to be worthy. After all, they are willing to stake their reputation on it.

Internetfilterreviews.com rated ContentProtect 2.0 the #1 Internet filtering software. It is easy to install, configure, and customize. If you do have any problems, ContentWatch provides unlimited toll-free technical support. ContentProtect can blocks pornography, hate sites, questionable chat rooms, and other known dangers of the Internet. You can even configure ContentProtect to block online game and gambling sites, and make it so your children can only install and play computer games with parental ratings that you deem appropriate.

Other features include:

* Integration with Safe Search features in popular search engines

* Reports of your children's internet activity

* Logs of your child's chat room and instant messages

* Reports if your child tries to remove or disable protection

* Filters bad content on Peer-to-Peer networks and other areas

* Password protected access for parents

* Customizable restrictions for each family member.

* Automatic software updates at no additional cost.


ContentWatch provides a two-week, no-obligation free trial of the full version. The product costs $39.99 per seat (installs on only one computer). This is a one time purchase price which will give you unlimited use of the service. You never have to renew a subscription or pay any additional membership fees for use of the program. It seems like a reasonable price for a little parental peace of mind.

Which Spyware Is Infecting Your PC?

pyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them.

From the InfosecWriters web site, "According to a 2004 survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."

What is Spyware?

Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:

“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.

Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.

At present, most spyware targets only the Windows operating system (Internet Explorer).”

To be fair, spyware can be harmless, for example tracking cookies don’t do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.

So what do you do about it?

No spyware program seems to do everything, but there are a lot of goods solutions out there that can help. Here is a list of some of the top Spyware tools to look at:


1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)

2) Spybot Search & Destroy from PepiMK Software


3) Xoftspy form Pareto Logic

5) Spyware Guard from Javacool Software is a free program

4) Pest Patrol (now part of Computer Associates by acquisition)

5) McAfee Anti-Spyware

One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.

And, when all else fails?

Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.