Keylogger - how to spot one?

[mattyg]

With all due respect to you and I am grateful for your suggestion, I am aware of all this. All I asked was whether anyone knew how to spot an installed keylogger.

Your demand is not exactly the same as she got but is pretty close. They did correctly identify the password which was incredibly (and stupidly) obvious and they demanded $5,000.

Case pretty much closed; thanks to all

I was only highlighting the amount I get, and showing they are an automated email from phishing or websites that have been hacked

I have had some too with an old password.. I posted a few weeks ago about is as I was surprised because it had a legit password.

 

[HecFam]

I had 2 of these emails go into my spam over the weekend saying my hotmail account was "Hacked" by 2 different usernames from the "Darknet".

They listed my password in the email and they were both wrong. Not even close, i thought it may have come from a previous data leak but the password is not one i have ever used.

Enable 2FA if not already enabled also.

 

[PiKe]

Pretty sad to see that in some cases, the bitcoin accounts do indeed receive payments

 

[stockhausen]

. . . Enable 2FA if not already enabled also.

I have to say that I do not know of a single solitary person who uses 2FA for email.

 

[andshrew]

I have to say that I do not know of a single solitary person who uses 2FA for email.

Your e-mail account is arguably the single most important account where you should have two factor authentication enabled. E-mail has such a level of trust associated with it (from the point of view that if I request a password reset for one of my accounts, following a link in an e-mail sent to me is all that is required for that web site or service to be satisfied that it is actually me resetting the password) that once someone has access to your e-mail account they've as good as gained access to every other account you have ever created.

 

[stockhausen]

Your e-mail account is arguably the single most important account where you should have two factor authentication enabled. E-mail has such a level of trust associated with it (from the point of view that if I request a password reset for one of my accounts, following a link in an e-mail sent to me is all that is required for that web site or service to be satisfied that it is actually me resetting the password) that once someone has access to your e-mail account they've as good as gained access to every other account you have ever created.

If you are that dependent on email, create multiple accounts, including one-off, "throw-away" accounts?

ps - my bank account is my most important account That pretty much relies on 2FA.

 

[Minusorange]

Instead of starting a new thread on the same topic question I'll just ask here

Is there a way to scan a file beyond using virustotal to check if it contains RATs or Keyloggers as virustotal can provide false positives ?

 

[jpaul]

Both Avira and Avast allow you to scan a specific file looking for signatures of RAT/keyloggers, and do that automatically on downloads
- I have never seen false positives;
if virustotal (I don't use it) is giving them, then change your A/V tool ?