Keylogging works by recording the keystrokes you type on the keyboard to a log file that can be transmitted to a third party. Keyloggers can capture user names, passwords, account numbers, social security numbers or any other confidential information that you type using your keyboard.
There are two types of Keystroke loggers:
- Hardware key loggers are devices that are attached to the keyboard cable or installed inside the keyboard. There are commercially available products of this kind, even dedicated keyboards with key logging functionality.
- Software key loggers are usually simple programs that can capture the keystrokes the user is typing, They can also record mouse clicks, files opened and closed, sites visited on the Internet, etc. A more advanced type of key loggers can also capture text from windows and make screenshots of what displayed on the screen.
While writing keylogging programs is simple, a different matter is installing it inside the victim’s computer without getting caught and downloading the data that has been logged without being traced.
The best protection against keyloggers is to avoid them in the first place.
A few golden rules:
- Use a Firewall
- Use an Anti-virus program
- Use an Anti-spyware program
- Never click on links sent by unknown people and be very careful of the known ones since their address might be faked. If in doubt, check the e-mail headers.
- Never execute attachments on e-mails that are executable files (EXE, COM, SCR, etc). No exceptions here.
- Never execute programs from the Internet that lack a security certificate. Except from Microsoft update and very few others, there should be no reason for executing any programs from the web.
- Run a virus and spyware check on ALL files that come from external sources (USB pen, DVDs, etc)
Additional measures that can be taken are:
Monitoring what programs are running on your computer
Monitor your network whenever an application attempts to make a network connection.
Use an automatic form filler programs that prevent keylogging since they’re not using the keyboard.
There are commercially available anti-keyloggers, but if you’re looking for a free alternative try Spybot Search & Destroy, a freeware tool that does a pretty decent job at detecting all kinds of spyware:
Windows Defender, a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware: http://www.microsoft.com/athome/security/spyware/software/default.mspx
The Sysinternals web site hosts several utilities to help you manage, troubleshoot and diagnose Windows systems and applications.
In this article:
Alex provides some free and valuable advice about keylogging protection such as using the on-screen keyboard available in W2000 and XP that can be launched by executing “osk” or the technique of mouse highlighting and overwriting.
Or you can also download Click-N-Type virtual keyboard free from:
Also worth reading is Wikipedia’s article on Keystroke logging:
And a simple trick to fool keyloggers: