Protecting Yourself Online - Dangers Lurking
(Page 2 of 4)
First of all, let's begin with your passwords. Everyone and their dog are nowadays registered to various forums, from gardening to your Cocker Spaniel dog forum, and much more. We also tend to have email addresses (most people have more than one) and various other accounts to online shops as well, from Amazon to eBay and dozens of other less well known shops.
The major problem starts when we do not think of our own personal computer or laptop as a public computer and, therefore, enable the "password remembering" functions of our favorite browser. This, in and of itself, is awesome: it automatically completes lots of fields and lets you log in without scratching your head to remember your passwords. All right, but here's the deal: those passwords are stored somewhere.
Indeed, they are hashed and encrypted most of the time, but that does not help us at all. The hashing algorithms of today's browsers are all well known. And then comes the fact that most people use the same password for all of their accounts, or at least a variation of the same password (like adding a few digits at the end, for example). This basically means the attacker can get into not just one account, but all of them.
All right, so earlier we mentioned that once you let your favorite browser remember the passwords for you, they are stored and hashed. This means that the browser is able to retrieve (and decrypt) those passwords when required, right? The not-so-surprising fact of the IT world is that it's not only the browsers themselves that are able to do this. Anyone can write applications that do this. It's child's play for coders.
The entire ugly picture looks like this: the attacker writes a tool (or uses one of the popular ones; unfortunately, there are plenty) that is able to retrieve all of the stored passwords of every popular browser, then binds this tool into some other application (generally, an executable). Then he or she tries to convince you to download and run the file. Once executed, the original application is backdoored, meaning the tool does its job in the shadows. Once it's done, it sends the passwords to the attacker.
As seen above, this is one of the most common password-stealing techniques from the underbelly of the Internet. The funny part is that users almost always fall into these traps. With time, these tools are going to be recognized by antivirus engines. However, these "bad guys" are using encryption and binders that allow them to produce 100% FUD (non-detectable) files for a certain period of time.
The moral of the story is: do not use the password-remembering features. Use strong passwords and, if possible, please do yourself a favor and use totally different passwords on your financial-related accounts such as eBay, Amazon, PayPal, MoneyBookers, you name it. If you don't enable password storing, then even if you fall into a malicious trap like the one described above, the attacker will receive an empty file!
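To check your own accounts for the reuse pattern described above (the same password everywhere, or the same password with a few digits added), here is a small local audit script. It is an added example, not part of the original article; the account list and passwords are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample data: account names follow the article, passwords are made up.
SAMPLE_ACCOUNTS = {
    "gardening-forum": "Sunflower",
    "webmail": "sunflower12",
    "eBay": "Sunflower2009!",
    "Amazon": "k7#Vq9!pLm2x",
    "PayPal": "sunflower1",
}

# Financial accounts named in the article; these should never share a password.
FINANCIAL = {"eBay", "Amazon", "PayPal", "MoneyBookers"}


def base_form(password):
    """Reduce a password to its reusable core: lowercase it and strip
    leading/trailing digits and punctuation ("Sunflower2009!" -> "sunflower")."""
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())
    return core or password.lower()  # all-digit/symbol passwords stay as-is


def find_reuse(accounts):
    """Return {base: sorted account names} for every base shared by 2+ accounts."""
    groups = defaultdict(list)
    for name, password in accounts.items():
        groups[base_form(password)].append(name)
    return {b: sorted(n) for b, n in groups.items() if len(n) > 1}


def exposed_financial(accounts, financial=FINANCIAL):
    """Financial accounts whose password base is also used somewhere else."""
    hits = set()
    for names in find_reuse(accounts).values():
        hits.update(n for n in names if n in financial)
    return sorted(hits)


if __name__ == "__main__":
    # Report account names only; the shared password itself is never printed.
    for names in find_reuse(SAMPLE_ACCOUNTS).values():
        print(f"same base password on {len(names)} accounts: {', '.join(names)}")
    print("financial accounts to change first:", exposed_financial(SAMPLE_ACCOUNTS))
```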
Moreover, always double check the kind of files you are executing. There are lots of backdoored files that serve underground purposes, and the people launching them receive much more than they ask for. It's not uncommon to hear of WAREZ (you do know what these are, right?) files being backdoored with nasty stuff. The "keygen" will work, yes; but without your knowledge it also sends your passwords.
On the next page we'll continue discussing our preventive measures and see what we can do.
More By Barzan 'Tony' Antal