2022's best place for Cybersecurity Insights and Advice for Everyone

#1 - Signup to our list and get regular insights and advice on how to be cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.

What is a Keylogger?

by Cyberguy | Last Updated | July 25, 2022
Cyber Dictionary|CyberSecurity - Consumer|CyberSecurity - SMB

Keyloggers, which is the abbreviation for keystroke loggers, are a particularly nasty piece of malware (malicious software).

Their primary objective is to track and capture all actions executed on your device. Most keyloggers are used for evil intent but there are cases where keyloggers can be used for legitimate purposes.

What is a Keylogger

Keyloggers, sometimes referred to as spyware or monitoring software, are essentially digital surveillance. They can track every click, touch, keystroke, download, and conversation carried out on the device you install them on. The list of specific information keyloggers are known to capture are:

Keylogging Process

For bad actors this information is used to steal your data typically for financial gain, but also for other things like extortion and identity theft.  As mentioned, keyloggers can have legitimate purposes as well.

So how does a keylogger get on my device?

For legitimate uses, it would be installed on each device much like any other application. For bad purposes it spreads in the same way that other malware spreads – emails, SMS, downloads, trojan horses, etc.

Keylogger Example - Operation Liberpy

So how do you detect a keylogger?

Unfortunately, keyloggers can be tricky to detect. Some indicators that a keylogger may be on your device include: slower performance when web browsing, mouse movements or keystrokes pause or don’t show up onscreen as you expected or if you receive error screens when loading graphics or web pages.

Buy Sectigo SSL/TLS Certificates - Save 82% | Formerly Comodo CA
Buy Now
We earn a commission if you make a purchase, at no additional cost to you.

You can also proactively check your device to see if a keylogger is running by:

One last point on checking for keyloggers. There are also hardware keyloggers that can be installed between your keyboard and your device. These can be non-obvious attachments or dongles that may appear normal but are in fact a hardware device that captures keystrokes. So be diligent and always check for unusual items connected to your computer or phone.

#2 So here we are at the middle of the post. We still think it's a good idea to signup.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.

So how do I protect myself from a keylogger?

Like all malware, the best tools to avoid being contaminated with such nasty things is to stay away from untrusted websites, don’t download any software or app that you don’t trust 100%, and do not click on any link you are not 100% sure is safe.

But as we all know, sometimes in our busy lives we have “Duh” moments and end up clicking, downloading or surfing the wrong link, file or website. So you need to protect yourself with tools.

How to protect yourself from keyloggers

Install quality antivirus/antimalware onto your devices. These tools are designed to scan for, locate and remove malware including and especially keyloggers.

Keyloggers are not your friend.

Installing specialized tools like antivirus, antimalware onto your devices is really the standard answer, there are also things you can do to minimize the likelihood that malware will get onto your devices. This includes:

Be skeptical of everything online!! The biggest threat having malware installed on your device is “social engineering”. The bad actors understand human behavior and use everything imaginable to lure unsuspecting victims through tantalizing offers via email, alerts, sms messages, fake profiles and all kinds of offer mechanisms to get you to click.

Once you click, the damage is probably done. Do NOT trust any link or file or document unless you are 100% sure it is from a trusted source. Do not click if you don’t know. 

Triple check before you download

Doesn’t matter if it’s a file, a document or an app. Like the previous item, don’t trust anything online at face value. Check, check and then check again before you download anything.

Be careful where you browse

Malware is becoming more sophisticated every day and it is now possible for certain types of malware to cause your devices harm without actually downloading onto your device. Simply browsing to a website that is designed to execute, what is describe as “drive by” infection, can cause you harm. So be aware of every site you navigate to, search for information about the site before you go to it. See if there is any information indicating that it could cause you damage. Be diligent, take a second before you go to a site you don’t know, it could save you a world of pain.

Get an ad-blocker

Malvertising is a particularly nefarious form of malware which presents itself as a popup ad or banner on a website. Bad actors use these as platforms for launching all kinds of malware simply by you hovering over the ad or banner. Get an ad-blocker it will make your browsing a lot more pleasant.

#3 You really should sign up. "Scouts Promise" ... it really will help you stay cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.