How to prevent keyboard spyware attacks on video calls
The videoconference really got started this year. With more people working and learning at home than ever before, video calling has quickly become the primary method of remote communication, allowing users to stay in touch. Few people know that they give out their passwords during video calls through body language. According to Tom’s guide, callers can guess users’ passwords by hand and the shoulder movements they make while typing.
Let us explain how this threat works, so that you can continue to connect via video calls with peace of mind.
How hackers use video calls to search through personal information
The risk of keyboard tracing or keyboard burglary occurs when an intruder is present during a video call and observes the target’s body and physiological characteristics to deduce what he or she is typing. To launch this attack, the attacker must record a meeting or video stream and send it via a computer program. This program removes the visual background and measures the movements of the user’s arms and shoulders in relation to the face. From there, the program analyzes the user’s actions to guess which keys he or she is pressing on the keyboard – including passwords and other confidential information.
So, what exactly is this program? Although this shows that the program was correct for only 20% of the time the subjects were in an uncontrolled environment on their own, the accuracy of the program increased to 75% when their passwords were among the millions most used. And suppose the program already knew his e-mail address or name. In this case, he can decrypt in 90% of the cases if the target prints this information during a video call (and if his password is followed immediately). The less complex the target person makes his or her password, the easier the program can guess what he or she is typing.
Remains protected against keyboard sniffing
Keyboard attacks can have potentially dangerous consequences, as typed text can contain confidential or personal information, even beyond passwords, such as credit card numbers, authentication codes and physical addresses. It is also important to note that any videoconferencing device or video obtained from public video sharing/broadcasting platforms is subject to this attack.
To prevent your meeting platforms from spying on what you print, follow these tips for your peace of mind:
Creating a secure and unique password
Don’t let the keyboard stick its nose into other people’s business by making your password or passphrase as unique as the information it protects. If a hacker manages to guess your password for one of your online accounts, he will probably check multiple websites for repeated accounts. If you use different passwords or passwords for your online accounts, you can stay calm and collect data because you know that most of your data is safe when one of your accounts becomes vulnerable.
Using multi-factor authentication
Two- or multi-factor authentication provides an additional layer of security by requiring different forms of authentication, such as sending text messages or e-mails with a secure code. Most popular websites such as Gmail, Dropbox, LinkedIn, Facebook, etc. offer multi-factor authentication and installation only takes a few minutes. This reduces the risk of successful counterfeiting by criminals who have leaked your information by spying on the keyboard.
Password control lever
Improve your security with a password manager as included in McAfee Total Protection. A password manager can help you create strong passwords, avoid annoying remembering multiple passwords and automatically access websites.
To stay up to date with McAfee news and the latest security threats to consumers and mobile devices, follow @McAfee_Home on Twitter, listen to our pirate podcast and enjoy it on Facebook.
The study was conducted by researchers from the University of Texas in San Antonio and the University of Oklahoma. We therefore assume that it is safe to use because it is not a competitive product, but please let us know something else! BH3.
x3Cimg height=1 width=1 style=display:no src=https://www.facebook.com/tr?id=766537420057144&ev=PageView&noscript=1 />x3C/noscript>’) ;