DEFINITION: Spyware device or program that records the keystrokes on a computer and saves them remotely or to a log file within the device
Software: ‘virtual’ program that intercepts keyboard strokes within an OS and stores them remotely
Hardware: physical device that intercepts keyboard strokes and saves them to a log file within it.
1) Suspicious email attachments
2) Unsecure websites
3) Unsecure downloads
4) Manual installation
1) Manual implantation
HOW IT WORKS
Upon installation, it runs hidden process that records every keystroke of the keyboard and sends the log file containing the information to a location set by the attacker.
Some keyloggers may also discreetly take screenshots of the desktop and every site visited or may also activate your web camera.
Image source: ghacks.net
Upon implantation, it records every keystroke and saves them to a log file within the device.
The attacker may retrieve the information either through a network connection, bluetooth or manually by dislodging the keylogger.
1) Run an updated antivirus/anti-keylogger
2) Check for anything that looks out of place within your computer eg a newly created folder or driver
1) Physical check up of your computer’s hardware for any suspicious device lodged between the keyboard and computer
1) Scan computer with an updated antivirus or anti-keylogger program
2) Format your harddrive (NOTE: this option will delete all your files)
1) Replace or remove hardware component
1) Use a virtual keyboard
2) Avoid opening suspicious email attachments from suspicious sources no matter how enticing they may be
3) Avoid unsecure (free) wifi spots
4) Scan computer regularly with updated antivirus or anti keylogger programs
5) Use automatic form fillers to avoid physical typing
6) Master keystroke sequences of various keyloggers
7) Avoid lending out your computer’s administrator privileges
8) Avoid free downloads from unsecure sites
9) Use security browser add ons to verify the riskiness level of a website
10) Encrypt your data
11) Minimize accessing password related sites via unsecure networks
1) Use a virtual keylogger
2) Use automatic form fillers to avoid physical tying
3) Check for any suspicious devices connected between the keyboard and computer