Online banking and ecommerce are convenient and quick, and attractive to would-be attackers. To protect your data when logged on, such sites typically use Secure Sockets Layer, or SSL, to provide a secure channel between you and the site that employs it. But SSL doesn't kick in until the data transfer occurs, hence it cannot fend off keyloggers, phishing, man-in-the-middle attacks or other malware behavior that intercepts (and possibly redirects) communications before they reach the SSL channel. A keylogger, for example, can still record the username and password used to log in to the secure site, intercepting them locally before they are sent to the site.
Trusteer Rapport adds an important layer of security - when you access a designated site, Rapport kicks in to uber defense mode, preventing the local behaviors that can compromise your online security. Rapport prevents:
- Keyloggers and Screen Captures
A keylogger trojan can record keystrokes or take screenshots when specific activity (such as opening your bank website) is detected. Trusteer Rapport uses API blocking to prevent this type of behavior, alerting you if any such activities are attempted when you visit a Rapport-protected site. Rapport also encrypts the data from the keyboard to the network, offering a local security layer until it is handed off to SSL.
- Man-in-the-Middle and Redirection Attacks
Social engineering is often used in conjunction with malware. One of the most common tactics is to trick the user into visiting a fake bank or ecommerce site. But malware can also automatically redirect to these bogus lookalike sites when the legitimate site is requested by the browser - no fooling required. Trusteer Rapport uses delivery confirmation for designated websites, offering protection against man-in-the-middle attacks, session hijacking, phishing, and pharming. In short, Rapport ensures the site you are on is really the site you intended to visit.
- Phishing and Other Socially Engineered Scams
Phishing is a scam in which the attacker sends an email purporting to be from a valid financial or eCommerce provider. The email often uses fear tactics in an effort to entice the intended victim into visiting a fraudulent website. Once on the website, which generally looks and feels much like the valid eCommerce/banking site, the victim is instructed to log in to their account and enter sensitive financial information such as their bank PIN, their Social Security number, mother's maiden name, etc. This information is then surreptitiously sent to the attacker, who then uses it to engage in credit card and bank fraud - or outright identity theft. Rapport protects against these types of attacks by tagging sensitive information, associating it with the legitimate site and warning you if an attempt is made to use it elsewhere.
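The tag-and-warn idea from the phishing item above, as an added Python example. It is not Trusteer's code, and the class name, method names, keyed-digest store and sample hosts are all assumptions made for illustration: a secret is bound to the origin it was registered for, and any form submission carrying that secret to a different origin produces a warning.

```python
import hashlib
import hmac
import os
from urllib.parse import urlsplit


class CredentialGuard:
    """Hypothetical guard: binds a secret to one origin, flags use elsewhere."""

    def __init__(self, key=None):
        # Per-install random key: the store holds keyed digests, never the secret.
        self._key = key or os.urandom(32)
        self._bound = {}  # keyed digest -> origin the secret was registered for

    @staticmethod
    def origin(url):
        # Compare scheme + host + port, so a plain-http copy of the site or a
        # lookalike hostname never matches the registered origin.
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        port = parts.port or {"https": 443, "http": 80}.get(parts.scheme)
        return f"{parts.scheme}://{host}:{port}"

    def _digest(self, secret):
        return hmac.new(self._key, secret.encode("utf-8"), hashlib.sha256).digest()

    def register(self, url, secret):
        """Tag a secret as belonging to the origin of `url`."""
        self._bound[self._digest(secret)] = self.origin(url)

    def check_submission(self, url, fields):
        """Return (field_name, expected_origin) for every protected secret
        about to be sent to an origin other than the one it is bound to."""
        target = self.origin(url)
        warnings = []
        for name, value in fields.items():
            expected = self._bound.get(self._digest(value))
            if expected is not None and expected != target:
                warnings.append((name, expected))
        return warnings


if __name__ == "__main__":
    guard = CredentialGuard()
    # Constructed sample data: reserved example hosts and a made-up password.
    guard.register("https://bank.example/login", "correct horse battery")
    form = {"user": "alice", "pass": "correct horse battery"}
    print(guard.check_submission("https://bank.example/session", form))
    print(guard.check_submission("https://bank-example.test/login", form))
```
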
Rapport has one small downside - it can slow down Internet surfing. To avoid this, disable Rapport for all but the pre-designated bank or ecommerce sites you use. Rapport is also not yet widely adopted by bank or ecommerce providers. If you do business with a site that has adopted it (such as ING Direct), then the protection is free. If your bank or ecommerce provider hasn't adopted it, you can still use Rapport but you may have to pay a small fee. End users can visit the Rapport consumer site to download the program and get more information. Better yet, encourage your bank or ecommerce provider to partner with Trusteer so you get the added protection for free.