Skip to content

Keystroke Logging: How to Keep Yourself Safe from a Keylogger


There’s seemingly no end to the way cybercriminals can attack you and your personal data. One type of attack that’s been used for decades and is still prevalent is keylogging. Imagine if everything you typed on your keyboard or tapped on your mobile device’s keyboard was recorded and stored somewhere and someone can read all of it.

Scary, right?

Keylogging lets potential criminals see your personal information and then use it how they see fit. From the following statistics, you can see how pervasive keylogging is and how damaging it can be:

Keylogging is a potent threat and you should know what it is and how to protect yourself from keyloggers if you want to keep your data safe.

What is keylogging?

Keylogging, or keystroke logging, is taking a record of everything you type on a keyboard. Keyloggers are a type of spyware that runs in the background without you noticing so you can use your device as you normally would without a clue that it’s there.

Keyloggers have both criminal and legitimate uses. Cybercriminals use keyloggers to steal sensitive information you type on a website or app, such as your username and password. They can then sell that info or use it to hack your accounts. Businesses use keyloggers in development, to help troubleshoot issues and improve user experience. Keystroke logging is also used by law enforcement and intelligence agencies for surveillance.

The practice of keystroke logging dates back to the 1970s when the Soviet Union’s intelligence services used it to monitor IBM electric typewriters in Moscow’s embassies. Spyware, such as keyloggers, is still widely used today and cybercriminals may use keyloggers to capture information about individuals or organizations.

Types of keyloggers

Keyloggers can be software or hardware. Each uses different methods to log keystrokes.

The types of software keyloggers include:

  • API-based: API stands for “application programming interface” and it allows software and hardware to talk to each other. API-based keyloggers intercept the signals between each keypress and the program you’re typing in. 
  • Form grabbing: Form-grabbing keyloggers intercept all the text entered into website forms before you hit “submit” or “enter” and send that info to a server.
  • Kernel-based: These types of keyloggers get unrestricted, admin-level permissions on a system.

Hardware keyloggers also come in different types, including:

  • Keyboard: Keyboard keyloggers are placed on the keyboard’s connection cable or are built into the keyboard itself.
  • Hidden camera: Cameras placed in public places such as libraries can record a video of someone using a keyboard to visually track keystrokes.
  • USB disk-loaded: USB drives can be loaded with a Trojan horse that, once connected to a device, installs keystroke logger malware.

How keyloggers work

Keyloggers record every keystroke you make with a keyboard. Every time you press a button on your keyboard, it’s recorded. Keystrokes communicate different types of information to your computer. The length, time, and velocity of the keypress, as well as the name of the key used, may all issue commands to your computer.

Keyloggers keep track of all of this information, essentially spying on the “conversation” you are having with your computer as you give it commands. Because we input so much of our personal information into our devices, it’s not difficult to assemble a profile of someone just from their logged keystrokes. Anything from Social Security and bank account numbers to email passwords and text messages can reveal a great deal of private information.

Keylogging software automates keystroke logging and puts all the data it records into a text file that can be retrieved later. Some tools go beyond keystrokes and may also record everything you copy and paste to your clipboard, calls, GPS data, and even microphone and camera footage.

How keyloggers get placed on your device

Keyloggers can be software or hardware, so there are several ways they can be installed. Placing a physical keylogger on a machine is more difficult than downloading software so most criminals avoid using hardware. When a physical keylogger is used, it usually means it’s an “inside job” and you may have a threat in your life.

In contrast, software keyloggers have several ways they can enter your machine. Infected web domains are one of the most common ways attackers download keylogging spyware onto victims’ computers. One example from 2018 had the office suite software Zoho’s .com and .eu domains infected. The two domains were enabling about 40% of all keylogger data theft, allowing email addresses to be stolen.

Another way attackers get keyloggers onto devices is with malware-infected apps. Google has had to remove apps from the Play Store that contain keylogging malware.

Phishing emails are also a big culprit when it comes to keyloggers. Fake emails can contain malicious links or attachments that, when clicked or downloaded, surreptitiously install keylogging spyware on your device.

Keyloggers may also spread through infected USB drives. An attacker gets a user to insert the USB key into their computer and the spyware starts installing automatically.

Are keyloggers legal?

The use of keyloggers can be legal when they are for legitimate purposes. If the person who owns the device downloads the keylogging software, it’s perfectly legal. In the workplace, corporate keylogging isn’t uncommon. It’s used to help with testing and debugging. Keystroke logs can also be used to:

  • Help system administrators investigate failures
  • Dig deeper into why a breach might have occurred
  • Flag potential insider threats
  • Monitor employee productivity

Businesses that use keylogging in the workplace must inform their employees. If they don’t, they might be breaking employee privacy laws.

One use of keylogging that’s widely accepted as legitimate is the popular grammar-checking app Grammarly. While active, the Grammarly app records logs of what a user types to provide grammar and spelling suggestions.

Although keylogging is technically legal, it could be ethically questionable in some cases. Spyware, which runs on a computer or device innocuously, may be used by parents to monitor their children or by someone who wants to track their intimate partner. 

When spyware is used in this way, it verges on stalking. Indeed, apps that allow you to monitor keystrokes, location, and all activity on someone else’s mobile device without their knowing have been dubbed stalkerware.

Detecting keyloggers is getting harder

Attackers have started creating keyloggers to evade traditional detection techniques, letting them slip by antivirus software unnoticed. They might inject keyloggers into adware, which usually doesn’t get flagged.

Most of the time, keyloggers are only one part of a cyberattack. They may have ransomware and cryptocurrency mining or botnet code attached. Attackers may not activate this other malware right away, so an unsuspecting victim could have a keylogger recording their keystrokes for a while before they realize anything is wrong.

Prevent keyloggers from infecting your computer

As with most types of cyberattacks, prevention is better than reaction. Here are a few best practices to keep in mind to avoid falling victim to keystroke logging:

  • Regularly check your computer for unwanted software. If you find unfamiliar software, delete it.
  • Never download files from unknown sources.
  • Use a virtual keyboard when entering sensitive information, such as on banking websites.
  • Keep your passwords in a password manager so you can copy and paste passwords, rather than typing them out.
  • Install antivirus software and keep it up to date.

How to detect and remove keyloggers from your device

Unfortunately, it’s difficult to detect keyloggers without using software to look for them. You have to keep your eyes open to the signs of malware on your machine to run the proper checks that will help you find a malicious keylogger.

One sign that your computer has malware or potentially unwanted applications is that your power use and processor usage skyrocket. Malware tends to take up a lot of your computer’s resources, so a computer running more slowly could mean you have a keylogger. Keep in mind that not all keyloggers slow down a computer, so this isn’t a foolproof way to find one.

The best way to detect a keylogger is with comprehensive security software that scans your computer for you. If the keylogger is hardware rather than software, you may have to tear down your whole device to find it.

Stay educated about keylogging

Now that you know that keyloggers exist and how pervasive they are, you can take the proper steps to avoid having one infect your device. The best practices for preventing cyberattackers from using keyloggers on you are generally the same precautions you take against most malware. Scrutinize everything, run regular scans of your device, and be smart.

Related Articles

  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking
  • Online Privacy
  • Online Safety
Melissa Trumpower of the BBB talks about the top scams of 2021.

The Top Scams of 2021 and How to Protect Yourself This Year

The top scams of 2021 range across all kinds of tricks and tools. The Better Business Bureau…

[Read More]

What You Need to Know about Privacy Statements and Cookies

At times, online privacy statements are lengthy, convoluted texts of boring legal jargon. Yet, it seems like…

[Read More]

What Happens If Your Investment Account Gets Hacked

You spend most of your adult life saving for retirement, assuming that the money you put away…

[Read More]

How DNSBLs Work: Avoid Getting Blacklisted

When you open your email client, type a message, and hit “send” it seems so easy. You…

[Read More]
Stuart Madnick has been in cybersecurity since 1974 and knows a lot about the costs of cyberattacks.

The Cost of Cyberattacks: Minimizing Risk, Minimizing Damage

Most of us view the internet as a useful and benign tool. But in many ways, it’s…

[Read More]

How to Keep Your YouTube from getting Demonetized

You finally did it–you hit all of the markers for acceptance in the YouTube Partner program, and…

[Read More]