How Keyloggers Work and How to Prevent Them
Across our blog, you’ll see posts about illegal online activity, programmes that should never exist, and other kinds of online scamming.
Keyloggers can be used in the same way - illegally and covertly. But they are more of a gray area than many other cybersecurity issues.
In this guide to keyloggers we’ll look at what exactly this technology does, how you can avoid being spied on by them, and why they are so ambiguous.
Firstly, let’s establish a definition.
What is a keylogger?
Short for a “keystroke logger”, a keylogger tracks keyboard activity to source information. This is usually software, but keyloggers exist in hardware form as well (i.e, physically attached to a computer).
Since they track what you type, keyloggers work like the keyboard equivalent of a dictaphone. Essentially, they are recording devices to monitor what you input into your computer, tablet or phone.
Often, this is private information like passwords. But many forms of keylogger software are legitimate and used legally. An employer might use one to keep track of staff activity and productivity, or to monitor sensitive words and phrases that might potentially compromise security. Parents sometimes use a keylogger to make sure their children aren’t visiting inappropriate websites. And law enforcement sometimes use keyloggers to track illegal activity when they seize criminals’ computers.
There are also morally ambiguous uses for keyloggers - like a suspicious spouse spying on their partner.
This is what makes keyloggers harder to prevent than other forms of cyberattack: keylogging software is often legal.
However, as you might imagine, keyloggers can be used in unequivocally malicious ways too.
Often, keyloggers are a form of spyware. (You can learn about other types of spyware in our guide to malware.)
Why keyloggers are a threat
As we mentioned before in our article about creating strong passwords, your computer or phone’s keyboard is a portal to a treasure trove of sensitive information.
A hacker with access to your keyboard’s history can source:
- Your usernames and passwords
- Financial information, like your credit card or bank details and security codes
- Websites you’ve visited
- Documents you’ve downloaded or uploaded
- Personal photographs and documents
How keyloggers are installed on devices
A keylogger can be installed locally or remotely. In fact, if you start a new job, a keylogger might already be pre-installed on your computer (for the productivity and security reasons outlined above).
As malware, they can be downloaded and installed via email; on a bespoke, illegal website; or in illegal adware. Keyloggers in this context are a form of spyware: In other words, malicious software (malware) that spies on your computer activity.
How to protect yourself from keyloggers
There are several steps you can take to help prevent the installation of an unwelcome keylogger:
- Ensure your computer is password protected
- Never leave your computer unattended in a public place
- Don’t click on suspicious ads or websites
- Always use an antivirus, like Clario
How to remove keylogger software
If you are suspicious of keylogging on your device, here’s what you can do to detect and, in many cases, remove it.
1. Check for unusual keyboard activity
If your keyboard is glitching, acting seemingly by its own accord or if the mouse or keypad is behaving erratically, there might be a keylogger, another form of spyware or remote, unauthorised access to your device.
2. Examine your running programmes
In many cases, you’ll be able to see if software has been installed without your knowledge. For a PC, press the Ctrl Alt and Delete keys simultaneously. From there, select Task Manager. Depending on the model or operating system, you should see a tab called Processes. Clicking on this will show a list of all running programmes. The secret keylogger might be one of them. If that’s the case, uninstall it (by right-clicking).
For Macs, you’ll have to find the Utilities folder. In there, you can see what’s running by choosing the Processes folder. Clicking on All Processes will show programmes on your Mac. Then, Windowed Processes will narrow it down further - showing programs that are currently running. Like any Mac app, if you click and hold on the icon, it will move in place. At that point, you have the option to delete.
3. Run a virus scan
Like many malware cases, a virus scan can be the most efficient and effective way of dealing with the issue. In most cases, including Clario, it’s as simple as clicking Run and letting the antivirus software remove the problematic malware.