Public Computers and Dangerous Keyloggers
Coffee shops, computer stores, airports and even libraries all offer free access to computer systems connected to the internet. Due to the proliferation of web based services in both the personal and corporate environment, it is easy to be tempted to use one of these public systems to check your email or access other private information.
By their very nature, these systems can be accessed by anyone. Including the bad guys. Once someone has physical access to a computer, it becomes very easy to gain administrative access to the system. These types of open access systems are usually riddled with viruses, spyware and other tools that can capture any information you input into the computer.
One of the most common tools the bad guys install is called a Keylogger. It is a program that keeps track of every keystroke that is made on that computer. Once the data is collected, the program can either store the information in a file on the system or transmit it to any computer on the internet.
If you login to check your email on a public computer with a keylogger on it, the bad guys will have a record of your username and password. Once someone has access to your email account, they can search for confirmation emails from other web sites. Soon they will have access to your Amazon.com account or your online banking service. The damage that can be done, and done quickly, is staggering.
Since this technology captures your information from the keystrokes you type, it bypasses any security on the web site itself. That's the important thing to remember. No matter how good the encryption or security of the service you are accessing, it doesn't matter. Keyloggers capture your authentication information before it is ever encrypted.
Keyloggers are readily available. A quick Google search will show dozens of different versions available. Some are even free. The reason Keylogger programs are so easy to obtain is because they can be used to monitor children's computer usage in the home. Or employees actions at the office.
The best habit you can get into is to not use these systems at all for any access that requires you to log in. Just like you wouldn't take a sip of a drink you found on a table in the library, don't trust a unknown computer. You don't know where it's been.