Defending against phishing scams and malware in LogMeIn Central
You and your users should be aware that suspicious emails are sometimes sent to LogMeIn Central users. Such messages simulate GoTo email formats to appear authentic, but do not originate from GoTo. They are designed to convince you to voluntarily disclose personal information, download an attachment or follow a link to a malicious site or application.
Here's how to recognize a scam message:
- Valid links in our emails most commonly point to logmein.com, logmeinrescue.com, or goto.com. If the destination is different, the message is most likely fake.
- Hover your mouse pointer over the link for a couple of seconds.
- Check the actual destination at the bottom left of your browser window, or in the tooltip that appears above the link.
Recognizing fake link destinations
- Watch out for fraudulent alerts that urge you to take action immediately, usually regarding account closure, an expiring subscription, or compromised security.
- Be wary of any message with bad grammar/spelling or inconsistent style.
- Be suspicious of embedded forms in an email – Never submit sensitive, personal or confidential information via forms embedded within email messages.
If you are unsure an email is coming from us:
- Do not select any of the links
- Delete the message to keep your personal data safe
- Do not disclose personal information – Never ever send any information about your account in an email
- Send the entire message to us so we can track down its source
- Make sure your receiving mail server performs a Sender Policy Framework (SPF) check
- SPF allows recipients to verify sender identity (at the organizational level) by allowing domain owners to publish, via DNS, the IP addresses that are authorized to send emails from the specified domains
- Ask your mail server administrator to configure SPF validation; this is usually done in the spam filter
If you have accidentally opened an attachment or selected a link:
- Change your password on your account
- Clean your computer system of possible malware
- Contact your anti-virus vendor for removal steps if you are unsure
- The Anti-Phishing Working Group is an organization tasked to help to fight phishing scams; you can report phishing at http://www.antiphishing.org/report-phishing/
Resources:
Defending against malware
Educate your users about the importance of following these guidelines to limit the risk of damage from malware.
- Keep security software up to date
- Keep your operating system up to date (take advantage of automatic updates)
- Keep your browser up to date
- Be careful when opening attachments
- Be careful with peer-to-peer (P2P) file-sharing
- Be cautious on all devices, not just desktop and laptop computers
- Do not visit suspicious websites
- Employ application whitelisting so only trusted software can be downloaded
Defending against keyloggers
Educate your users about the importance of following these guidelines to limit the risk of damage from keyloggers.
A keylogger is a program that records everything that you type on a keyboard. All keystrokes are stored in a log file, hence the name "key logger." The log file is intended to be read by a third party that is typically unknown, remote and malicious.
A keylogger can be housed in a hardware device that plugs into the keyboard port on your computer. Hardware keyloggers cannot be detected by software, but they have the drawback of requiring physical access to a computer. If you suspect a hardware keylogger is present on your system, inspecting the keyboard's connection to the computer or replacing the keyboard will solve the problem.
What can you do? The most effective defense against all types of keyloggers is to install anti-spyware and anti-virus software and keep it up to date. Keylogger spyware often invades your PC system via a viruse, Trojans or other malware. Your anti-spyware and antiviral are your first line of defense.
Further guidelines:
- Enable your firewalls. In most instances, a keylogger has to transmit information to a third-party to do any harm. Firewalls are designed to prevent outside access to your computer.
- Obtain and use an automated form-filler password manager, particularly if you often enter personal or financial information at any website. These form fillers encrypt and save this confidential information and automatically fill it in, so you won't have to type it in. However, there are other forms of spyware which can intercept data posted to forms by form-fillers
- Consider using an on screen keyboard to eliminate the keyboard connection. However, the text has to get to its destination somehow, and that path may be vulnerable to clever keystroke loggers.
- Use encrypted keyboard drivers. These encrypt your keystrokes at the driver level (the first layer between the keyboard and the operating system), then feed them in decrypted form to the software application. The result is that keyloggers see only the scrambled keystrokes. Be aware that your anti-virus program may flag these programs as malware, but you can safely ignore any such "false positive" alarm.
- Use a one-time passwords (OTP) or alternative login methods (like the QR code login) where possible. An OTP is automatically invalidated after use.
- Use two-factor authentication (also known as two-step verification).
- Exploits are being found in software all of the time. Keyloggers, like most variants of modern malware, can exploit software vulnerabilities to inject themselves into your system unbeknownst to you or your anti-virus service. A malicious website could use such an exploit to install a keylogger on your PC.
- Avoid phishing scans! The outcome of a successful phishing scam may be a keylogger on your system. Various techniques are used to confuse people (legitimate looking links, replicas of the actual websites, etc.), so be extremely careful with emails and social media messages.
