SkipToMainContent

Malware

What is a keylogger and how do I protect myself against one?

You probably feel secure using an ATM at your bank to make financial transactions. But when you type your PIN code on the ATM keyboard, you could be jeopardizing your finances

How? Criminals may be able to capture your PIN using keystroke logging surveillance via keyboard overlays.

Your personal information could be even more exposed if keyloggers gain access to everything you type on your computer.

Both threats exist because of keystroke logging, also known as keylogging or keyboard capturing. The monitoring tool is designed to covertly track the keystrokes you type on your computer and other devices to record passwords and other sensitive personal information.

Learn how a keylogger works, how this system monitoring tool could threaten your personal information, and what you can do to help protect yourself.

What is a keylogger and how does it work?

A keylogger is a type of spyware that can be used to track and log the keys you strike on your keyboard, capturing any information typed. Keyloggers are insidious because you don’t know they’re there, watching and recording everything you type.

How do keylogging activities benefit cybercriminals? The data captured can include your personal and financial information, PIN codes and account numbers, credit card numbers, usernames, passwords, and other sensitive data — all of which can used to commit fraud or identity theft.

Keyloggers can be software or hardware. Software is more common. The majority of keyloggers are used to capture payment card data you might enter online with a device. Once captured, your data can be retrieved by the person on the other end of the keylogger program.

Many keyloggers have root-kit functionality. That means they’re hiding in your system. These so-called Trojan-spy programs can track user activity — including keystrokes and screenshots —save the data to your hard disk, and forward the information to cybercriminals.

An example of a hardware-based keylogger is the keyboard overlay on an ATM. Every time a bank customer presses the buttons on the criminal’s fake keypad — thinking it’s the legitimate ATM keypad — the keylogger records the keystrokes and forwards the information to the cybercriminal.

How do keyloggers get installed?

How do keyloggers infect your devices in the first place? There are several ways, including these.

Phishing email

If you click on a link or attachment in a phishing email that is infected with malware, you could be exposing your device to a keylogger. Be wary of links or attachments in unfamiliar emails, text messages, peer-to-peer networks, or instant messages. They could be embedded with malware. Also be cautious of links on social networks or fake websites that could be infected.

Trojan virus

Hackers sometimes use Trojan viruses to deliver and install keyloggers via phishing and fake emails and attachments. While phishing emails are fake emails that appear to be from a known source, hackers also can get to know something about you and send fake emails with things such as coupons you might be interested in — and might click on. New keylogger Trojans are frequently being written to steal payment data entered online by device users.

Webpage script

Keyloggers can get into your devices when you visit a fake or malicious website. The web page script is then able to exploit a vulnerability in your browser.

Infected system

Keyloggers can exploit an already-infected device or system and install other malicious software into that system.

How do cybercriminals use keyloggers?

Keyloggers represent a major threat to your cybersecurity because they’re able to secretly capture and record the sensitive data you type onto your keyboard. A lot of information can be gathered from what you enter on your devices — via your emails, text messages, login credentials, passwords used, websites browsed, and financial information accessed.

Cybercriminals can use keyloggers as malware to steal your personally identifiable information. That might include financial information, PIN codes for financial accounts, credit card numbers, usernames, passwords, and other private data. After cybercriminals access this information, they may be able to commit financial fraud and identity theft.

Keyloggers thrive when you don’t know they’re there. Cybercriminals may be able to harvest and use everything you type, until the keylogger is discovered.

How can you detect a keylogger?

It’s important to recognize the warning signs that a keylogger may have infected your system. Hardware may be easier to spot, like a new USB drive that is attached to your computer.

Keylogger software may be more difficult to detect. Common signs your device has been infiltrated can include slower computer performance when browsing or starting programs, abnormal delays in activity, pop-ups, new icons on your desktop or system tray, or excessive hard drive or network activity.

How can you protect yourself against keylogger malware?

To help protect yourself from keylogger malware, use caution when engaging in any online activity. This will help protect your devices and personal information against cybercriminals who use programs like keyloggers for malicious purposes.

Tips for being cautious online include not opening attachments or downloading files from unknown sources, because they could be embedded with malicious software that contains a keylogger. Also watch for phishing scams.

Password protection

In addition to using strong and unique passwords, encrypting your passwords and using two-factor authentication can help protect your computers and other devices from getting hacked.

Two-factor authentication can deter cybersnoops because it supplies one-time passwords. Keyloggers rely on using the same password twice.

Password managers can also help protect against keyloggers, because you won’t have to do the typing. This may help prevent keyloggers from being able to record your keystrokes.

Alternative keyboards

Some keyboards don’t use the QWERTY layout. That means the keystrokes tracked won’t translate, because most keyloggers rely on the traditional layout. Another alternative? Virtual keyboard software enables you to input characters without typing on actual keys.

Voice-to-text conversion software

This is another way to avoid using a keyboard. But whether it works or not may depend on how the text is recognized by each keylogger program.

Anti-spyware programs

These applications can’t catch hardware-based keyloggers, but they can detect, quarantine, disable, and eradicate many software-based keyloggers.

Anti-keylogger software

Anti-keyloggers are designed to detect keyloggers on your computer by comparing your files against those in a keylogger database.

Helping protect against keyloggers may require a variety of defenses. Taken together, they can help protect your personal information, finances, and identity.

Cyber threats have evolved, and so have we.

Norton 360™ with LifeLock™, all-in-one, comprehensive protection against viruses, malware, identity theft, online tracking and much, much more.

Try Norton 360 with Lifelock.


Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Copyright © 2020 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.