HYIP-Man: RoboForm Defeats KeyLoggers & Fights Phishing
Sunday, July 02, 2006
RoboForm Defeats KeyLoggers & Fights Phishing
RoboForm Defeats KeyLoggers

A computer that you use may have a keylogger installed on it, especially if this is a computer at internet cafe or at your work. Keyloggers steal your passwords if you manually type them and a third party (your employer, your wife, your competitor or simply a hacker) will be able to log into your accounts using stolen passwords. Keyloggers may be hard to detect due to their stealthing abilities.

RoboForm/Pass2Go starting with ver 6.7.4 provides substantial protection against keyloggers.

Master Password.
Use RoboForm Virtual Keyboard to type your Master Password and keyloggers will not see it. With Virtual Keyboard you click images of keyboard buttons with mouse, not the actual buttons on keyboard, so no keyboard events are generated and keylogger do not see what you type.

Web Site Passwords.
More advanced keyloggers may attach to Internet Explorer and get password directly from the password field using IE page model. In this case they can get even passwords that are not typed. RoboForm provides two types of protection against this:
• Quick Typing. Roboform enters password quickly and it presses Submit button quickly, so many keyloggers will not be fast enough to get web page password from the page. Some keyloggers, though, may be fast enough.
• Firefox Factor. Firefox is more closed than Internet Explorer and attaching to it in order to steal passwords directly from fields is more difficult. We have yet to see a keylogger than can steal password directly from Firefox password field when keyboard is not used to enter it.

RoboForm Fights Phishing

RoboForm® is an effective way to help prevent the phishing scams plaguing Internet users today.

Phishing -- the illegal practice of posing as a trusted business or financial institution online in order to deceptively obtain sensitive personal data -- can be exposed when individuals use RoboForm.

Typically a phisher will send an email asking the recipient to visit a web page to confirm sensitive account information. The page will look identical to the business' real page, but is in fact a fake. When the victim types in his or her confidential information on the page, the data is sent to the criminal and the scam is complete.

What makes RoboForm an effective anti-phishing tool, is its practice of securely storing the URL, or Internet address, of sign-in pages in a passcard.

RoboForm shows Passcard as matching only if a URL stored in passcard matches an online URL. If a potential victim routinely uses RoboForm to log-in to web sites, they will not be able to log-in to a fake site because the URL of fake web site would not match URL stored in passcard for the real web site. Users will be tipped off, exposing the fake web site as a phishing scam.

Similarly, when user logs in to account using RoboForm, RoboForm would fill only the login page that has URL that matches URL stored in passcard.

Finally, anytime a user fills in credit card, social security, or other sensitive info using RoboForm, the software automatically opens a warning box stating that the web site is asking for sensitive info. The admonition is an important reminder for RoboForm users.

Every time the warning box appears, users should carefully double-check the URL listed in their web browser. For example, 'www.bankofamerica.com' should appear, not ' www.bankonamerica.com.' If there is any difference at all, there is a good chance the page is a fake.

Free Download RoboForm

Labels:

1 Comments:
Blogger SlantRight 2.0 said...
Dude you spammed me for an advertisement! This is what you meant by "please see me http://hyip-man.blogspot.com"?

Not cool!