Computing in public

The Internet café on the corner may seem like a convenient place to check your email, Facebook account, and do online banking. But are you aware that without you even knowing, all the personal information that you’re entering may be captured by someone else?

The invisible thief

Hackers and cyber-criminals are ruthless and will do everything in their power to gain access to your information. One way they do this is to install keystroke logging software on some public computers. For each and every person using the affected computer, the software can log emails that have been sent, passwords entered, websites accessed, private chats, and file inputs. This information is periodically sent to the person who installed the software, and can then be viewed and used at the person’s discretion.

Another way of accessing your information is via social engineering. In one version of this strategy, the cyber-criminal inserts a flash drive into the back of a public computer which has the keystroke logging software installed. The information is then logged and saved to the flash drive, and the criminal then retrieves the flash drive at a later stage – collecting the sensitive information of everyone that's used the computer.

Once they have your personal information or banking details, they can easily access your accounts and change your passwords to keep you locked out. Even worse, they can empty your bank accounts before you even suspect anything is wrong.

Staying safe

To protect yourself against such dangers, you should avoid using public computers for online banking, shopping, or any financial or sensitive tasks. It’s also wise to avoid accessing websites where you are required to log on – such as online email accounts and social networking sites.

Aside from invisible methods like keystroke logging, cyber criminals also use the very simple method of "shoulder surfing" - simply looking at what's on your screen. So, avoid leaving sensitive information open on your desktop for all to see - especially when the public computer you're using is not in an enclosed space like a private cubicle.

You should also never leave your PC unattended while you are still logged on. Rather exit all the applications you are working on and then log off from the PC. You can always log on again when you need to.
Many sites give you the option to save your login information (username and password) on the computer you’re using. This may appear as a checkbox on the login screen, or a Remember me option in a dialog box or pop-up window. If you're using a public computer, never choose this option. And when you’re done on the site, don’t just close the browser window or shut down the computer. Always log out of the site, and wait until the site confirms that you’ve logged out.

You should also avoid running macros in files downloaded on public computers, as viruses can also be triggered through these. Even if the public computer has an anti-virus program installed, it may be out of date, or ineffective against the type of virus that lurks on the computer.

Finally, if you download anything from a website onto a flash drive, remember to scan the device when you insert it into your personal computer at home or work. Flash drives make it easy for viruses - including keystroke logging software - to make their way from the public computer to your personal computer, exposing your other computers to the risks of cyber-thieves.