Computer security should be an ongoing concern for every organization. Individuals who try to gain unauthorized access to computer systems are always trying to figure out new methods to cause harm and steal data. Today, keystroke loggers or “keyloggers” (which record the keys you press when entering your username and password) are one of the most common and well-known types of security threats.
While legitimate uses do exist for keyloggers, they are often used with malicious intent. Fortunately, there are effective measures you can take to protect yourself from keyloggers and ensure that login credentials are not compromised:
- Use antivirus software. Antivirus software will scan your device for known malware and/or use behavioral monitoring to detect keyloggers. Always keep your antivirus definitions up to date.
- Use a firewall. Purchase a physical device to monitor, detect, and block keylogging sites (Content Filtering) or use a software firewall (often included with your antivirus software) to notify and/or block unauthorized applications that are being used to access the Internet (to send the logged data).
- Implement “two-factor authentication” (often abbreviated as 2FA). Many sites offer two-factor authentication to lessen the likelihood of compromise of your bank account, email account, etc. If your computer is infected with a keylogger, the hackers will not be able to gain access to your account(s) without also stealing the secondary piece of information, such as a one-time generated passcode sent to your phone.
- Install and use a password manager. Use strong, single-use passwords that you can copy/paste into password fields to defeat many keyloggers. Change your passwords frequently.
- Review your web browser extensions/add-ons regularly. Browser extensions/add-ons can read the data entered on web sites you visit. Disable and/or remove any unknown or suspicious extensions/add-ons to protect the data entered in your web browser.
- Keep your system updated. Make sure you always have the latest security fixes.
- Use caution when opening attachments. Files received via email, social networks, or even text messages can be embedded with malicious software.
Corporate Payroll Services has a two-step verification process in place to protect against security threats. Bank account changes for Direct Deposit will not take effect until a signed authorization form from the employee is received, and an email notification of the account change is sent as part of the verification process. These measures are in place to protect you from monetary losses due to fraud.
To take our free computer security class we offer to customers only, please check the Training Webinars page in the Customer Center.