My Thoughts on Technology and Jamaica: Professor Marco Gercke warns of Scammers using Keyloggers and How to use Keyloggers and Protect yourself

Sunday, August 4, 2013

Professor Marco Gercke warns of Scammers using Keyloggers and How to use Keyloggers and Protect yourself

“Criminals go to the lobbies and they sit with machines in the lobbies with keyloggers, and everything is recorded and is given to the criminals, and that means they have access to your accounts”

Professor Marco Gercke, out ITU (International Telecommunication Union) liason for the Cybercrime Research Institute as reported in the Saturday Gleaner dated August 3rd, 2013  

Today I’m beyond shocked after reading some article in the Newspaper about Cybercrime. No it’s not the article on the Ministry of Security tapping our phone conversations is nothing new as reported in the article “HELLO...!They Are Bugging Phones ... But Won't Tell!”, Published Sunday August 4, 2013, by Tyrone Reid, Senior Staff Reporter, The Jamaica Gleaner as this has been the norm since even JAMINTEL Days.

In fact they can also get Geo-Location information as well, which may not require a warrant, as its not personal information you own related to your mobile phone. The Ministry of Security also has plans for HD CCTV Camera Network that may be used to power their Automated Traffic Ticketing System, all of which is described in my blog article entitled “GOJ to upgrade NWA's CCTV Traffic Monitoring Network to give Police more eyes in Private Places - The Da Vinci Code for Automated Traffic Ticketing System and 1984”. These things are all well known.

The focus of my article this time is the growing danger of Spear Phishing at Cybercafés or Internet Cafes as highlighted by Professor Marco Gercke, out ITU (International Telecommunication Union) liason for the Cybercrime Research Institute as stated in the article “Jamaicans Scammed - Cyber Crimes Expert Advises Caution When Accessing Internet In Public Spaces Abroad”, Published Saturday August 3, 2013, The Jamaica Gleaner.

You may know him. Professor Marco Gercke was the cybercrime expert who in January 2013 was instrumental in the review of Jamaica’s Cybercrime Laws as stated in the article “Cybercrimes Expert To Assist Jamaica Review Laws”, Published Friday January 25, 2013, The Jamaica Gleaner .

The Cybercrime Act of 2010 has since been overhauled and amended   basically treating Cybercrime on the same level as 2nd Degree murder or Grand Larceny as stated in my blog article entitled “GOJ amends the Cybercrime Act of 2010, enlists Ethical Hackers in a Cyber Emergency Response Team - White Hat Hackers are the Q.U.E.E.N Project Janelle Monae and Erica Badu Style”. Add a sprinkling of White Hat Hackers and we have the equivalent of Netforce in Jamaica, albeit a concept still in its infancy!

His most recent suggestions in June 2013 before a joint select committee of the Legal Reform Department of using Remote Monitoring Software i.e. keyloggers and possibly Software with Remote Log Retrieval, has been rejected as encroaching too much on the individual privacy of Jamaicans as reported in “Suggestion To Use Remote Forensic Software In Fighting Cybercrime Dismissed”, published Wednesday June 5, 2013 12:10 by Daraine Luton, Senior Staff Reporter, The Jamaica Gleaner.

Apparently, fear that the US Govt can possibly override the software and use it to spy directly on unsuspecting Jamaicans may be the REAL reason why this proposal was rejected. Thus in clever fashion, Professor Marco Gercke has now spun the argument around, pointing out that the same Remote monitoring Keylogger software was potentially a weapon in the hands of scammers  to get unsuspecting victims to unwittingly send money after the hacker has used the info obtained via keylogging software to steal their identity online.

Spear Phishing – Good Free Keyloggers Gone Bad

It involves the installation of a Keylogger, which is a piece of software used to record keystrokes on a computer or Laptop and yes, Smartphones and Tablets too as stated in:

1.      5 Best Free Keyloggers”, published May 18, 2010 by Ishan Bansal, ilovefreesoftware
2.      Top 5 Best Free Keylogger Software for Windows”, published July 10, 2012 by Himanshu, Top 5 Freeware
3.      10 Free Keyloggers to monitor your Local PC or Laptop!”, published February 22 at 5:02am by user No MoRe BarrieR oN CarrieR, Facebook

And yes they‘re ALL freeware; here’s the condensed list of some of the better ones (sorry I can’t show you how to use ‘em!):

1.      Actual key-logger
2.      Black box express
3.      Free Keylogger
5.      Heretic Macro
6.      Home keylogger
7.      Kidlogger
8.      Personal keylogger
9.      Py keylogger

The hacker installs the keylogger on the target computer, usually one of those located in a Cybercafé or Internet Cafe (local or abroad it doesn’t matter), possibly while viewing some free porn as stated in the article “XXX-Rated Kids”, Published Sunday July 28, 2013, by Tyrone Reid, Senior Staff Reporter, The Jamaica Gleaner.

The Keylogger then records your every keystroke invisibly and saves it in a log file, which the hacker can either retrieve by going to the hidden folder on the target computer or have sent to his email by the software when it detects a lull in activity on as per request remotely by the hacker.

At this point if the hacker is just nosy, he can use the info to access toy accounts i.e. Facebook, Twitter, email accounts and mess about. If he’s a little more serious, he can scam you by either using your account to request money from your relatives or parents (local or abroad) or worse, if he had captured your credit Card, he can also go on a serious shopping spree.

Oh no!

More reason to NOT use your Scotia VISA Debit Card or Credit Card at a Cyber or Internet Café. Best to do your shopping at home on either an Apple Mac or a PC running Open Source Software i.e. Fedora Linux or Ubuntu Linux as suggested in my Geezam article entitled “How to use Scotia VISA Debit Card Online”.

Defense Against the Dark Arts – How to Remove a Keylogger

Keyloggers are not all bad, as they are an excellent way to monitor Kid’s usage of the Internet. This use of them is very bad though. If you absolutely can’t avoid using an Internet Café to do your business, you need to protect yourself. Thus here’s my Defense Against the Dark Arts as condensed from the article “How to detect if a Keylogger is installed?”, published August 22, 2010 by Secure_Leonilo, Microsoft Community :

1.      Install either SpyBot Search and Destroy or MalwareBytes
2.      Install Avast Antivirus Software and set it to do a boot scan
3.      Boot into Safe Mode by pressing F8 Function Key during boot up of the computer and select “Start in Safe Mode
4.      Let the computer run through the Avast Antivirus Software Boot Scan and hit the keys it prompts you to hit. It may detect a virus or two, one of which may be the Keylogger
5.      When it finishes, your computer will boot to the Start Desktop Screen
6.      Run either SpyBot Search and Destroy or MalwareBytes and select to do a Thorough or Deep Scan. It may detect a malware or two, one of which may be the Keylogger

Alternatively, you may use these three (3) free alternative Anti-Keylogger removal Software as stated in the article “Don’t Fall Victim to Keyloggers: Use These Important Anti-Keylogger Tools”, published December 28, 2012 By Joel Lee, MakeUseOf:

1.      NextGen AntiKeylogger
2.      SpyShelter STOP-LOGGER
3.      Zemana AntiLogger

Final Words on Spear Phishing – Scammer’s American Hustle for Fast Cash

So that’s it. Keyloggers are a tool that can be used for both good and bad, depending on whose hands the software is in. Use this knowledge wisely and you can avoid being the next victim of a Spear Phishing attack as per the warning by Professor Marco Gercke. Jamaicans, protect yourself as Scammers, hungry for money, are taking advantage of freely available keyloggers and may be targeting even local Jamaicans in an American Hustle (2013) for Fast Cash

No comments: