What is a Keylogger?
Whether it is called a keylogger, spyware or monitoring software, it can be the equivalent of digital surveillance, revealing every click and touch, every download and conversation.
A keylogger (short for keystroke logger) is software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don’t know that your actions are being monitored. This is usually done with malicious intent to collect your account information, credit card numbers, user names, passwords, and other private data.
Legitimate uses do exist for keyloggers. Parents can monitor their children’s online activity or law enforcement may use it to analyze and track incidents linked to the use of personal computers, and employers can make sure their employees are working instead of surfing the web all day.
Nevertheless, keyloggers can pose a serious threat to users, as they can be used to intercept passwords and other confidential information entered via the keyboard. As a result, cybercriminals can get PIN codes and account numbers for your financial accounts, passwords to your email and social networking accounts and then use this information to take your money, steal your identity and possibly extort information and money from your friends and family.
How would I get a keylogger?
Keyloggers spread in much the same way that other malicious programs spread. Excluding cases where keyloggers are purchased and installed by a jealous spouse or partner, and the use of keyloggers by security services, keyloggers are installed on your system when you open a file attachment that you received via email, text message, P2P networks, instant message or social networks. Keyloggers can also be installed just by you visiting a website if that site is infected.
How do you detect a keylogger?
Keyloggers are tricky to detect. Some signs that you may have a keylogger on your device include: slower performance when web browsing, your mouse or keystrokes pause or don’t show up onscreen as what you are actually typing or if you receive error screens when loading graphics or web pages.
What can you do to protect yourself?
Just as you maintain your own health on a daily basis by eating well-balanced meals, getting plenty of rest and exercising, you must also maintain your computer or mobile device’s health. That means avoiding keyloggers by avoiding actions that could negatively affect your computer, smartphone or tablet, like visiting dangerous websites or downloading infected programs, videos or games. Here are some tips:
Use caution when opening attachments – files received via email, P2P networks, chat, social networks, or even text messages (for mobile devices) can be embedded with malicious software that has a keylogger.
Watch your passwords – Consider using one-time passwords and make sure key sites you log into offer two-step verification. You could also use a password manager like McAfee SafeKey that is available with McAfee LiveSafe™ service, which will automatically remember your user name and passwords, but also prevent keylogging since you are not typing in any information on the site as the password manager will do that for you.
Try an alternative keyboard layout – Most of the keylogger software available is based on the traditional QWERTY layout so if you use a keyboard layout such as DVORAK, the captured keystrokes does not make sense unless converted.
Use a comprehensive security solution – Protect all your devices—PCs, Macs, smartphones and tablets—with a solution like McAfee LiveSafe, that offers antivirus, firewall, as well as identity and data protection.
Robert Siciliano is an Online Security Evangelist to McAfee. Watch him discussing information he found on used electronic devices YouTube. (Disclosures)