What it is:
Keylogging uses a device (hardware) or program (software) to track and record what you type. If it’s in a software program, a file is created and sent to a specified recipient. If it’s in hardware, the person who installed the hardware must retrieve it in order to access the information gathered.
What it does:
Keyloggers are typically used maliciously to gain account numbers, PINs, usernames and passwords. A keylogger can be installed undetected via a virus or spyware, which then uses trojans to execute. The program also can use email to direct you to respond or click on an attachment and enter personal information. Keyloggers sit on various websites waiting to install themselves on unpatched or unsecured machines that hit their site.
How to protect yourself:
In addition to the tips found on the Computers & Laptops section on our Electronic Device Security page, you can protect yourself by doing the following:
- Make sure all the programs running on your computer are ones you recognize. If you do not recognize a program, get advice immediately to determine if it should be uninstalled.
- Be wary of emails from banking or financial institutions (whether it is one you use or not), and Pay Pal. Do not respond if you believe the email is fraudulent – remember never send personal or financial information via email.
- Visually inspect the back of the computer. Look specifically for a small connector device between the keyboard wire and the computer.
A word of note:
Keylogging also has constructive purposes including software development. The examination of keystrokes will indicate any errors, which developers can easily correct. Some employers use keylogging to determine the productivity of employees, or to ensure work computers are used for business purposes. Law enforcement officials may use keyloggers to circumvent applied security measures and obtain passwords or encryption keys. Concerned parents might use them to monitor their children's online activity.