There are several ways to defeat a keylogger. I wanted to describe an easy way which does not need any software or cost you money. It is not a revolutionary or new but quite useful. Some of you may already be practicing the same.
Keyloggers and Trojans can steal you passwords, credit card details or important information while you type them on your system. We are sometimes bound to use third party systems or even our own systems may be compromised (of which we may not be aware of). So how do we defeat a keylogger?
Method
Let’s assume your password is “savemefromkeyloggers”. So when you type the password you need to ensure that you type the above password in a different obfuscated scheme. I am explaining this through an example.
Step 1: Type “veme”
Step 2: Use your mouse pointer to bring the cursor just before “veme” and type “sa”. So what you see is “saveme” but the keylogger log would read as “vemesa”
Step 3: Use your mouse pointer to bring the cursor just after “saveme” and type “ggers”. So what you see is “savemeggers” but the keylogger log would read as “vemesaggers”
Step 4: Use your mouse pointer to bring cursor before “ggers” and type “fromkeylo”. So what you see is “savemefromkeyloggers” but the keylogger log would read as “vemesaggersfromkeylo”
Important Note: Do not use the “arrow keys” to move the cursor. Use the mouse to click at the right place so that the password key strokes are jumbled up and the keylogger owner would not be able to understand your real password.
So you can create your own method to jumble up/obfuscate your “credit card number”, “CSV”, “passwords” or anything that is critical. It is a good practice to always use the same pattern to obfuscate the same data since it would make it more difficult for anybody to decode the real password from a single sample of obfuscated password. It becomes easier to decode when there is a sample of several obfuscated forms of the same password.
Disclaimer: This method do not protect against the advanced crimeawares which use techniques like “Form Grabbing” etc. The good news is that most of the commonly available cheap keyloggers are not all equipped with the same.
Keyloggers and Trojans can steal you passwords, credit card details or important information while you type them on your system. We are sometimes bound to use third party systems or even our own systems may be compromised (of which we may not be aware of). So how do we defeat a keylogger?
Method
Let’s assume your password is “savemefromkeyloggers”. So when you type the password you need to ensure that you type the above password in a different obfuscated scheme. I am explaining this through an example.
Step 1: Type “veme”
Step 2: Use your mouse pointer to bring the cursor just before “veme” and type “sa”. So what you see is “saveme” but the keylogger log would read as “vemesa”
Step 3: Use your mouse pointer to bring the cursor just after “saveme” and type “ggers”. So what you see is “savemeggers” but the keylogger log would read as “vemesaggers”
Step 4: Use your mouse pointer to bring cursor before “ggers” and type “fromkeylo”. So what you see is “savemefromkeyloggers” but the keylogger log would read as “vemesaggersfromkeylo”
Important Note: Do not use the “arrow keys” to move the cursor. Use the mouse to click at the right place so that the password key strokes are jumbled up and the keylogger owner would not be able to understand your real password.
So you can create your own method to jumble up/obfuscate your “credit card number”, “CSV”, “passwords” or anything that is critical. It is a good practice to always use the same pattern to obfuscate the same data since it would make it more difficult for anybody to decode the real password from a single sample of obfuscated password. It becomes easier to decode when there is a sample of several obfuscated forms of the same password.
Disclaimer: This method do not protect against the advanced crimeawares which use techniques like “Form Grabbing” etc. The good news is that most of the commonly available cheap keyloggers are not all equipped with the same.
0 comments:
Post a Comment