“Criminals
go to the lobbies and they sit with machines in the lobbies with keyloggers,
and everything is recorded and is given to the criminals, and that means they
have access to your accounts”
Professor Marco Gercke,
out ITU (International Telecommunication Union) liason for the Cybercrime
Research Institute as reported in the Saturday Gleaner dated August 3rd,
2013
Today
I’m beyond shocked after reading some article in the Newspaper about Cybercrime.
No it’s not the article on the Ministry of Security tapping our phone
conversations is nothing new as reported in the article “HELLO...!They
Are Bugging Phones ... But Won't Tell!”, Published Sunday August 4, 2013,
by Tyrone Reid, Senior Staff Reporter, The
Jamaica Gleaner as this has been the norm since even JAMINTEL Days.
In
fact they can also get Geo-Location information as well, which may not require
a warrant, as its not personal information you own related to your mobile phone.
The Ministry of Security also has plans for HD CCTV Camera Network that may be used
to power their Automated Traffic Ticketing System, all of which is described in
my blog article
entitled “GOJ
to upgrade NWA's CCTV Traffic Monitoring Network to give Police more eyes in
Private Places - The Da Vinci Code for Automated Traffic Ticketing System and
1984”. These things are all well known.
The
focus of my article this time is the growing danger of Spear Phishing at Cybercafés
or Internet Cafes as highlighted by Professor Marco Gercke, out ITU
(International Telecommunication Union) liason for the Cybercrime Research
Institute as stated in the article “Jamaicans
Scammed - Cyber Crimes Expert Advises Caution When Accessing Internet In Public
Spaces Abroad”, Published Saturday August 3, 2013, The Jamaica Gleaner.
You
may know him. Professor Marco Gercke was the cybercrime expert who in January
2013 was instrumental in the review of Jamaica’s Cybercrime Laws as stated in
the article “Cybercrimes
Expert To Assist Jamaica Review Laws”, Published Friday January 25, 2013, The Jamaica Gleaner .
The
Cybercrime Act of 2010 has since been overhauled and amended basically treating Cybercrime on the same level as
2nd Degree murder or Grand Larceny as stated in my blog article
entitled “GOJ
amends the Cybercrime Act of 2010, enlists Ethical Hackers in a Cyber Emergency
Response Team - White Hat Hackers are the Q.U.E.E.N Project Janelle Monae and
Erica Badu Style”. Add a sprinkling of White Hat Hackers and we have the
equivalent of Netforce in Jamaica, albeit a concept still in its infancy!
His most recent suggestions in June 2013 before a joint
select committee of the Legal Reform Department of using Remote Monitoring
Software i.e. keyloggers and possibly Software with Remote Log Retrieval, has
been rejected as encroaching too much on the individual privacy of Jamaicans as
reported in “Suggestion
To Use Remote Forensic Software In Fighting Cybercrime Dismissed”,
published Wednesday June 5, 2013 12:10 by Daraine Luton, Senior Staff Reporter,
The Jamaica Gleaner.
Apparently, fear that the US Govt can possibly override the
software and use it to spy directly on unsuspecting Jamaicans may be the REAL
reason why this proposal was rejected. Thus in clever fashion,
Professor Marco Gercke has now spun the argument around, pointing out that the
same Remote monitoring Keylogger software was potentially a weapon in the hands
of scammers to get unsuspecting victims to unwittingly
send money after the hacker has used the info obtained via keylogging software to
steal their identity online.
Spear
Phishing – Good Free Keyloggers Gone Bad
It
involves the installation of a Keylogger, which is a piece of software used to
record keystrokes on a computer or Laptop and yes, Smartphones and Tablets too
as stated in:
1. “5
Best Free Keyloggers”, published May 18, 2010 by Ishan Bansal, ilovefreesoftware
2. “Top 5 Best
Free Keylogger Software for Windows”, published July 10, 2012 by Himanshu, Top 5 Freeware
3. “10 Free
Keyloggers to monitor your Local PC or Laptop!”, published February 22 at
5:02am by user No MoRe BarrieR oN CarrieR, Facebook
And
yes they‘re ALL freeware; here’s the condensed list of some of the better ones
(sorry I can’t show you how to use ‘em!):
7. Kidlogger
9. Py
keylogger
12. Romaco Keylogger
The
hacker installs the keylogger on the target computer, usually one of those
located in a Cybercafé or Internet Cafe (local or abroad it doesn’t matter),
possibly while viewing some free porn as stated in the article “XXX-Rated
Kids”, Published Sunday July 28, 2013, by Tyrone Reid, Senior Staff
Reporter, The Jamaica Gleaner.
The Keylogger then
records your every keystroke invisibly and saves it in a log file, which the
hacker can either retrieve by going to the hidden folder on the target computer
or have sent to his email by the software when it detects a lull in activity on
as per request remotely by the hacker.
At
this point if the hacker is just nosy, he can use the info to access toy
accounts i.e. Facebook, Twitter, email accounts and mess about. If he’s a
little more serious, he can scam you by either using your account to request
money from your relatives or parents (local or abroad) or worse, if he had
captured your credit Card, he can also go on a serious shopping spree.
Oh
no!
More
reason to NOT use your Scotia VISA Debit Card or Credit Card at a Cyber or
Internet Café. Best to do your shopping at home on either an Apple Mac or a PC
running Open Source Software i.e. Fedora Linux or Ubuntu Linux as suggested in
my Geezam article entitled “How to
use Scotia VISA Debit Card Online”.
Defense Against the
Dark Arts – How to Remove a Keylogger
Keyloggers
are not all bad, as they are an excellent way to monitor Kid’s usage of the
Internet. This use of them is very bad though. If you absolutely can’t avoid
using an Internet Café to do your business, you need to protect yourself. Thus
here’s my Defense Against the Dark Arts as condensed from the article “How
to detect if a Keylogger is installed?”, published August 22, 2010 by
Secure_Leonilo, Microsoft Community
:
1. Install
either SpyBot Search and Destroy
or MalwareBytes
2. Install
Avast Antivirus Software and set it to
do a boot scan
3. Boot
into Safe Mode by pressing F8 Function Key during boot up of the
computer and select “Start in Safe Mode”
4. Let
the computer run through the Avast
Antivirus Software Boot Scan and hit the keys it prompts you to hit. It may
detect a virus or two, one of which may be the Keylogger
5. When
it finishes, your computer will boot to the Start Desktop Screen
6. Run
either SpyBot Search and Destroy
or MalwareBytes and select to
do a Thorough or Deep Scan. It may detect a malware or two, one of which may be
the Keylogger
Alternatively,
you may use these three (3) free alternative Anti-Keylogger removal Software as
stated in the article “Don’t
Fall Victim to Keyloggers: Use These Important Anti-Keylogger Tools”,
published December 28, 2012 By Joel Lee, MakeUseOf:
Final Words on Spear
Phishing – Scammer’s American Hustle for Fast Cash
So that’s it. Keyloggers
are a tool that can be used for both good and bad, depending on whose hands the
software is in. Use this knowledge wisely and you can avoid being the next victim
of a Spear Phishing attack as per the warning by Professor Marco Gercke. Jamaicans,
protect yourself as Scammers, hungry for money, are taking advantage of freely
available keyloggers and may be targeting even local Jamaicans in an American Hustle (2013) for
Fast Cash
No comments:
Post a Comment
Please register and leave you comments. For contact, leave an email or phone number and I'll be sure to get back to you.