Am I truly safe from keyloggers?

Discussion in 'macOS' started by paulyonder, Jul 18, 2009.

  1. paulyonder macrumors newbie

    Joined:
    Sep 18, 2007
    #1
    Hey Guys,

    Just to give you a bit of background, a couple of days ago I got a delightful email stating that I'd just sent a payment of £600 to some random woman via PayPal. Hmm, definitely didn't send that. Logged into my paypal and sure enough seconds previously the money had gone off my credit card to a random email.

    Turns out someone had decided to use my paypal account to pay for an eBay purchase. On contacting the email address turns out the seller was innocent. Someone had arrived on her doorstep to collect in person, claiming to be me, even using my name!:eek:

    Luckily the seller asked for ID and the criminal (who alarmingly was a young boy) couldn't prove they were me.

    So after that back ground, my question to you knowledgeable folk is how the hell did they get my PayPal password?!

    I'm typing on a MacBook Pro and feeling less safe than I ever have done. Is there any chance someone's installed a keylogger? Has anyone else suffered a paypal hack?


    Cheers for any info/recommendations guys, it's much appreciated.

    Thanks:)
     
  2. MacMini2009 macrumors 68000

    MacMini2009

    Joined:
    May 22, 2009
    Location:
    California
    #2
  3. paulyonder thread starter macrumors newbie

    Joined:
    Sep 18, 2007
    #3
    Yup a work machine, but it should be relatively watertight.

    Is this the most likely way anyone could get my paypal login? I most certainly don't fall for phish emails so I'm really struggling to work it out for my own santity!

    Thanks for AV link btw!:)
     
  4. MacMini2009 macrumors 68000

    MacMini2009

    Joined:
    May 22, 2009
    Location:
    California
    #4
    Did you use your paypal account on your PC? Did you visit any naughty websites?
     
  5. Queso macrumors G4

    Joined:
    Mar 4, 2006
    #5
    HTTPS websites are now being compromised at an increasing rate. Therefore a malware payload (including keyloggers) can be downloaded to the PC inside the SSL encryption, which bypasses the anti-virus scanning in most companies. Gradually IT departments are becoming aware of this and enabling the SSL proxy components on their web gateways, but unless your IT can confirm they have done this you cannot trust the work computer.
     
  6. gekko macrumors 6502

    Joined:
    Mar 20, 2009
    #6
    The short answer is, no, you will never be truly safe from keyloggers on any computer.

    The long answer is that you're more safe in OS X on your MacBook Pro than on Windows. You should also keep in mind that a keylogger is not the most likely reason your account was hacked. The hackers could have gotten hold of your password via phishing, fooling you into logging in using your password on their own site pretending to be paypal's site. You could've had a weak password that was broken by brute force, although paypal has some defences against that sort of attack, or if you use the same password other places, they could've gotten it from those. If the password ever went over a wireless connection using a weak encryption scheme to a site not using https (paypal itself does) it could have been snooped that way.
     
  7. gothamm macrumors 6502a

    Joined:
    Nov 18, 2007
    #7
    here we go...typical "blame the pc" response.


    the emphasis of his question relies on whether the macbook pro is prone to keylogging.

    so can someone answer that, please?
     
  8. Queso macrumors G4

    Joined:
    Mar 4, 2006
    #8
    Not unless the OP has been installing software from untrusted sources, no.
     
  9. paulyonder thread starter macrumors newbie

    Joined:
    Sep 18, 2007
    #9
    Hey guys, thanks for the posts. Nope I can confirm I haven't been on dodgy sites on either my MBP or the work machine (not a risk worth taking with my job!).

    My only guess is that my password wasn't sufficiently strong on Paypal. I was just surprised that PayPal wouldn't be able to stop that stuff. Surely by brute force requires a number of 'incorrect' attempts which should lock you out eventually, you can't just sit there and continually try can you?

    So livid making, even though the wheels are in motion to get the cash back, I just do not feel as safe with any transaction online anymore!

    Cheers
     
  10. gekko macrumors 6502

    Joined:
    Mar 20, 2009
    #10
    OS X is less prone to keyloggers than Windows, and that's not because it's impossible to make and install keyloggers on OS X. It's simply just done a lot less for reasons that computer people can spend ages arguing about. (smaller user base vs better OS security)
    That's good, but e-mails are not the only way you can be fooled to enter your password on an attacker's site. One other way is for a phony seller site to pretend to link to paypal when really it only goes to a phising site, or another more malicious way is to hack a wireless network and poison the dns lookup so that https://www.paypal.com actually goes to the attacker's site. That last one is quite hard to defend against, but I don't think there are known exploits against modern wireless encryption, so you'd be relatively safe if you use that.
     
  11. gothamm macrumors 6502a

    Joined:
    Nov 18, 2007
    #11
    thanks. i have been interested in this.

    without getting too personal, my father installed a keylogger on my moms pclaptop (cybersitter). the only way i found out is that he forgot to close/hide the porgram.

    Ive since been super paranoid in regards to my mac, thinking that i will be next.

    none of those antivirus programs seem to detect keyloggers anyhow.


    so it makes me wonder how secure a mac is.
     
  12. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #12
    Mac OS X is just as prone as Windows is. The only difference is that Mac OS X requires you type your password in before it will install most malware. Windows does not.

    Therefore in order to avoid the problem don't type your password in to every random thing that asks for it. Make sure you know exactly why you are being asked to supply it and what the program is going to be authorised to do.
     
  13. angelwatt Moderator emeritus

    angelwatt

    Joined:
    Aug 16, 2005
    Location:
    USA
    #13
    I think this is the more likely thing happening. I highly doubt any key logger has been on your machine. Weak passwords have been an issue for many web sites security. The people using brute force techniques against sites have a way of getting around the issue of too many incorrect attempts at a time. Most sites won't lock the account though (but one of mine does and it locked me out because it was being stupid).

    So just make sure to change your password (which you likely already did) and make sure it's strong. You may want to take a look at 1Password, which is a password manager and keeps you from having to type passwords very often and so even if there was a key logger, it wouldn't be able to catch your password after you initially enter it into the software. It also has a feature to check the strength of your password.

    Good luck on getting your money back. I've had pretty good luck with PayPal being helpful in this area.
     
  14. paulyonder thread starter macrumors newbie

    Joined:
    Sep 18, 2007
    #14

    Angelwatt, quick thankyou for your response, its much appreciated. Paypal have issued a refund back to my card, only thing is the card has now been cancelled so we'll see how this works out...!

    Thanks very much for everyones help, I can be sure of a quick and accurate response from you guys and it shows the real wealth of knowledge knocking about on these boards.

    Cheers chaps, I'm off to watch The British Open, looks like Watson may hold it together...

    :)
     
  15. Scarlet Fever macrumors 68040

    Scarlet Fever

    Joined:
    Jul 22, 2005
    Location:
    Bookshop!
    #15
    Sorry for verging off topic, but I had to post this.

    This was the Google ad at the bottom of this page.
     

    Attached Files:

  16. iMav macrumors 6502

    iMav

    Joined:
    Jun 20, 2008
    Location:
    Columbus, WI
    #16
    I suggest getting paypal's 2-factor authentication token (which you can tie into your eBay account as well). That will stop account hi-jacking COLD.
     

Share This Page