WHAT IS CRIMEWARE?
Crimeware is a type of malicious software (malware) that automates large-scale financial crime against PCs. The leading ways crimeware infects PCs are when users visit infected websites, open contaminated email attachments, use contaminated thumb drives, click on hostile popups, or visit fake websites with hostile content. Traditional security techniques (e.g. passwords, anti-virus, firewalls, SSL, intrusion detection, even two-factor authentication and security tokens) are ineffective against crimeware attacks since crimeware resides inside infected PCs.
HOW DOES CRIMEWARE IMPACT ME?
If your PC is infected with crimeware, criminals can collect the information you enter into your browser and use your information to steal your identity and control your online accounts. This includes any browser-entered information from online purchases, online banking login credentials, bill payments, payment cards, tax filings, logins, credentials, passwords, SSNs, etc.
IS MY PC INFECTED WITH CRIMEWARE?
There is no definitive way to determine whether or not a PC is infected with crimeware. This is what makes this class of malware so dangerous. Until specific crimeware variants (versions of the crimeware that are designed to “look different” to security products) on PCs have been identified, only the criminals controlling the crimeware know whether your PC is infected or not. Though there are millions of crimeware variants, only a small portion (~10-20%) have been detected, identified and catalogued.
WHAT IS PROTECTOR™?
Protector™ is security software that prevents crimeware from performing attacks as it was designed. As a result, criminals never obtain the browser-entered data they need to commit fraudulent crimes. These attacks that are designed to steal online identity information such as usernames and passwords (i.e., credentials) are unsuccessful, and therefore, your accounts and identity are protected.
WHY DO I NEED PROTECTOR™?
Because of the sophistication of the latest crimeware, traditional anti-virus products cannot protect you from it effectively. Anti-virus programs rely on viruses being known by their specific “signatures.” So once a certain virus is discovered, its signature is recorded and incorporated into anti-virus scanners. The next time a scan is performed, if the same signature is detected, then the program alerts the user that a virus has been detected and attempts to remove it. This methodology doesn’t work against crimeware because at the push of a button, criminals can dynamically change the signatures of all of their deployed crimeware trojans. Therefore, signature-based detection is an unviable solution – the signatures incorporated into the scanners will always be outdated, and the new signatures will not be detected by the scanners.
Protector™ works in a very different manner. Instead of trying to detect the presence of crimeware on a PC, Protector™ stops the crimeware from collecting your browser-entered data in the first place. In effect, our product breaks the crimeware, and stops it from doing what it was designed to do. Protector™ prevents crimeware attacks that steal online identities from PCs by preventing malware from harvesting browser-entered data.
Another advanced capability of crimeware is called man-in-the-browser (MITB) attacks. In MITB attacks, criminals virtually “sit” between your PC and whomever you are communicating with (your bank, an e-commerce web site, etc.). In this way, they can manipulate data that you enter into your browser and for instance, change a money transfer of $500 to your friend in Las Vegas to a $50,000 transfer to an overseas account. The bank authenticates the transaction because it looks like it is originating from you, and the additional security measures the bank has put in place are all verified by you through the criminals. Protector™ prevents crimeware from performing man-in-the-browser attacks.In addition, by defeating man-in-the-browser attacks, Protector™ removes the utility of SMS-in-the-mobile (the interception of text messages) attacks against associated mobile devices.
HOW DOES PROTECTOR™ DEFEAT MALWARE ON MY PC?
Protector™ breaks the way malware collects browser-entered data to defeat both key-logging and man-in-the-browser attacks. Malware steals browser-entered data using the same fundamental collection techniques. Protector™ incapacitates malware information collection techniques to defeat crimeware. Protector™ prevents malware from exploiting known flaws in software to collect your information.
WHAT IF MY PC IS INFECTED WITH MALWARE BEFORE I INSTALL PROTECTOR™?
Protector™ assumes that PCs can be infected with malware either before or after installation of Protector™. Protector™ cannot prevent criminals from using previously stolen credentials, this is why once you install Protector™ you should change all of your passwords and to the extent practical, your usernames as well. Subsequent credentials are protected following installation of Protector™.
SHOULD I CHANGE MY PASSWORDS AFTER INSTALLING PROTECTOR™?
Yes. Otherwise, any accounts associated with previously compromised passwords will still be able to be compromised. Users should change their passwords as soon as possible after installing Protector™.
DOES MY ANTI-VIRUS PRODUCT DEFEAT CRIMEWARE ON MY PC?
Only after a specific crimeware variant has been identified and this variant’s “signature” is incorporated into the anti-virus scanner, can anti-virus products be effective against detecting and removing crimeware. Generally, signatures are incorporated only after tens of thousands of systems have been compromised, which warrants the development of a signature after-the-fact. Anti-virus products scan PCs for signatures of known malware variants. If a known malware variant is detected, some anti-virus products can remove the associated files. However, anti-virus products can only detect and remove threats for which the anti-virus product has known signatures. Therefore, anti-virus products detect and remove only a small portion of the malware variants that are responsible for stealing user information.
DO I STILL NEED MY AN ANTI-VIRUS PRODUCT IF I INSTALL PROTECTOR™?
Yes, anti-virus products are still needed to detect and remove viruses. As designed, Protector™ does not include a signature-based detect-and-remove anti-virus capability. Protector™ blocks the functioning of malware present in the machine but does not attempt to detect or remove malware or viruses.
IS PROTECTOR™ FREE?
We offer a free 30-day trial of Protector™. At the end of the free trial, you may purchase either an annual or monthly subscription license to continue using Protector™ and protecting your systems from today’s most dangerous online threats.
CAN I TRY PROTECTOR™ TO SEE HOW I LIKE IT?
Yes, we offer a free 30-day trial of Protector™ so you can enjoy the benefits of being protected and experience the ease-of-use of the product without incurring any costs.
WHERE CAN I FIND THE PROTECTOR™ END-USER LICENSE AGREEMENT?
When you install Protector™, you are presented the full user license agreement during the installation process.
HOW CAN FINANCIAL INSTITUTIONS OR OTHER BUSINESSES OBTAIN PROTECTOR™ FOR THEIR CUSTOMERS?
Please contact us and a member will contact you for a customized solution tailored to your organization.
DOES PROTECTOR™ PROTECT MY PRIVACY?
Yes. Protector™ does not collect any information from your PC in order to protect your privacy.
DOES PROTECTOR™ COLLECT INFORMATION FROM MY PC?
No. Protector™ does not collect any information from customer PCs.
WHAT OPERATING SYSTEMS DOES PROTECTOR™ SUPPORT?
Protector™ supports Microsoft operating systems. Protector™ does not support other non-Microsoft operating systems (i.e., Linux or Apple OS X) due to the currently low threat of malware attack against those operating systems.
WHAT BROWSERS DOES PROTECTOR™ SUPPORT?
Protector™ supports available versions of Internet Explorer, Firefox, Chrome, Safari and Opera.
ARE THERE ANY SYSTEM REQUIREMENTS FOR USING PROTECTOR™?
No. Other than employing a Microsoft operating system for PCs, there are no specified hardware or software requirements.
DOES PROTECTOR™ ADVERSELY IMPACT CUSTOMER DEVICE AND BROWSER STABILITY?
No. Protector™ was expertly designed to minimize any impact to or disruption of customer devices and browsers.
DOES PROTECTOR™ DEGRADE CUSTOMER DEVICE PERFORMANCE?
No. Protector™ does not impact customer device performance since there is no overhead application, no process delaying browser functions, and no user actions required to provide the protection.
DOES PROTECTOR™ REQUIRE ANY USER CONFIGURATION OR INTERACTION?
No. Protector™ is virtually transparent to users. Protector™ is easy and quick to install and requires no user configuration or user interaction.
WHAT VISUAL INDICATORS ARE AVAILABLE TO ENSURE PROTECTOR™ IS ENABLED AND PROPERLY FUNCTIONING ON MY PC?
Protector™ provides customers with two visual indicators that Protector™ is enabled and properly functioning. First, the Protector™ icon (blue and white shield) appears in your PC’s system tray. Second, browser form fields are highlighted in yellow.
HOW DO CUSTOMERS UPDATE PROTECTOR™?
Protector™ updates itself automatically. However, customers can check for updates manually by double clicking the Protector™ system tray icon, selecting the update tab, and pressing the “update now” button. Protector™ will check for an update and install any available update without any further action.
HOW DO CUSTOMERS UNINSTALL PROTECTOR™ IF THE NEED SHOULD ARISE?
To uninstall Protector™ simply use the add/remove programs like you would with any other application.
WHAT MALWARE ATTACKS DOES PROTECTOR™ DEFEND AGAINST?
Protector™ defends against five classes of attack:
1) Hook-based Keylogging: The most primitive key-stroke capture method uses either hook-based or kernel-based techniques to capture user-entered keystrokes one character at a time. Such techniques are less efficient since they capture key-stroke errors, backspaces, deletions, etc. Because kernel-based keylogging techniques are inherently unstable and not typically employed in crimeware, Protector™ neutralizes only hook-based techniques.
2) Form-based Keylogging: The form-grabbing keylogging method captures entire fields to avoid key-entry errors. Therefore, the most up-to-date stealth malware uses form-grabbing instead of key-stroke capture methods.
3) Inject-based Keylogging: As with the form-based keylogging method, the inject-based key-logging method also captures entire fields to avoid key-entry errors.
4) Man-in-the-Browser Attack: As an added benefit of the inject-based keylogging method comes the added capability to perform web injects (also known as man-in-the-browser attacks) to allow the modification of displayed information on web pages.
5) SMS-Proxy-In-The-Mobile: Malware on mobile device that intercepts and injects SMS text messages used for out-of-band (i.e., non-browser based) authentication. Protector™ defeats Man-In-The-Browser attacks on the PC associated with the attacked mobile device to defeat the utility of this type attack. Protector™ installed on PCs defeats SMS-Proxy-In-The-Mobile attacks for mobile devices (Android, Apple iOS, Windows, Symbian. Blackberry) .
IS PROTECTOR™ RESILIENT AGAINST EXPLOITATION?
Yes. Protector™ is designed to be resilient against exploitation and reverse engineering. Protector™ is designed as to prevent it being used as an attack vector against customer devices.
DOES PROTECTOR™ DEFEND AGAINST AUTOMATED DISABLING ATTACKS?
Yes, Protector™ defends against automated attacks aimed at disabling Protector™ functionality.
DOES PROTECTOR™ PROTECT ME AGAINST ZEUS AND SPYEYE?
Yes. MOBILE DEVICES
DOES PROTECTOR™ SUPPORT MOBILE DEVICES?
Yes. Protector™ – Mobile defeats Crimeware designed to attack Android Operating Systems; namely, Man-In-The-Mobile attacks. This is malware on a mobile device that intercepts and injects web interactions between customers and websites. This attack is the mobile-device equivalent of a man-in-the-browser attacks against a PC.We also provide Jailbreak detection of iOS for iPhones, which will tell you if you are susceptible to malware attacking iOS. Trusted Knight also integrates its mobile protection directly into any organization’s custom mobile application.In addition, by defeating man-in-the-browser attacks on PCs, Protector™ removes the utility of SMS-in-the-mobile attacks against any mobile devices associated with that PC.
Talk to one of our team members today.