Keyloggers are one of the most well-known and feared security threats on computers today. Keyloggers carry a fearsome reputation for several reasons, not least because they’re hard to detect, but because the direct damage to your life extends well beyond the computer and screen in front of you.
Keylogging malware is, unfortunately, very common. More often than not a malware variant packs a keylogger for maximum damage and to compound the attacker’s investment. Luckily, there are several methods to protect your system from a keylogger. And while no defense is perfect, these five steps drastically improve your chances.
What Is a Keylogger?
Before looking at how to mitigate a keylogger, consider what a keylogger is and where they come from.
A keylogger is consistent to its name. The term refers to a malicious computer program that captures and records your keystrokes; that’s every word, character, and button you press on your keyboard. The keylogger sends a record of your keystrokes to the attacker. This record might contain your banking logins, credit and debit card details, social media passwords, and everything else in-between. In short, keyloggers are a dangerous tool in the battle against identity and financial fraud.
The overwhelming majority of keyloggers are bundled with other forms of malware. In the “old” days, the malware delivering a keylogger would remain silent for as long as possible. That means, unlike other virus and malware variants, files remain intact, there’s a little system disruption as possible, and you continue using your system as normal.
However, that’s not always the case. For instance, the recently discovered MysteryBot targets Android devices with a banking Trojan, a keylogger, and ransomware—that’s quite the combination. But by-and-large, a keylogger will feature as part of a large exploit kit that grants an attacker control over various aspects of your system.
There’s another common variety of keylogger you hear about, too, but not something you immediately think about. Have you got it yet? That’s right; card readers and skimmers, and other point-of-sale malware deploy keyloggers to copy your PIN to use later. The PoSeidon malware is a prime example of this type of scam.
Now you know, how can you protect yourself?
5 Ways to Protect Yourself Against Keyloggers
Protecting against keyloggers covers a fairly standard security spectrum. That is, your online and personal digital security needs this level of protection on a day-to-day basis. There’s a lot more than just keyloggers out there.
1. Use a Firewall
In most instances, the keylogger has to transmit its information back to the attacker for it to do any harm. The keylogger must send data out from your computer via the internet. As your internet passes through a firewall (for instance, Windows Firewall is a default security setting for Windows 10 systems), there’s a chance it will realize something isn’t quite right.
That said, there’s also a stronger chance it won’t detect an issue. An easily terminated keylogger isn’t much use to the attacker. The Windows Firewall is an excellent option for most users, but several excellent third-party firewall options come with extensive functionality. Unsure where to start? Check out these seven third-party firewall options to get started.
A firewall alone might not stop a keylogger or its associated malware, but it is better to have one than not.
2. Install a Password Manager
One constant piece of security advice is to update and change your passwords (along with using a strong single-use password to begin with). But, let’s face it: it’s really hard to remember tens of 16-character passwords for the staggering number of sites most of us use. Keyloggers are effective in their simplicity; it copies the keystrokes and logs the information. But what if you never actually typed a password?
Most password managers use autofill functionality to provide a master password that unlocks a specific account. Your password still works, you’re already browsing your Twitter feed, and all without typing. Sounds great, right?
Unfortunately, a password manager can only get you so far, for a few reasons.
- Some password managers don’t copy and paste your password. Instead, they use an auto-type function to input the password. Any keylogger worth its salt will copy virtual keystrokes, too. But…
- …A sufficiently well-designed keylogger will also periodically take screenshots as well as record the contents of the clipboard.
- Some dangerous advanced malware variants will target offline password databases, stealing the entire list rather than one at a time.
Now, all is not lost. For example, KeePass negates the first and second issue using Two-Channel Auto-Type Obfuscation (TCATO). TCATO basically splits the password down into two subparts, sends both to the clipboard, then merges in the password field. However, by their admission, TCATO isn’t 100% secure, noting that “it is theoretically possible to write a dedicated spy application that specializes on logging obfuscated auto-type.”
The point of a password manager wasn’t to stop keylogging. However, if you do encounter a keylogger and you have a password manager installed, there’s a chance you only lose the strong single-use password for one account, rather than every password for every account you own. Check out this comparison of five password manager services to get you started.
3. Update Your System (And Keep It That Way)
Being proactive about system security is always a good idea. One of the most important parts of a proactive defense is keeping your system up to date. That includes your operating system as well as the applications and programs you run on it. Keyloggers and other malware look for exploits in outdated software and can take advantage of them, sometimes without you knowing anything is wrong.
Security researchers find new exploits all of the time. Some are relatively benign. Others are patched immediately by the developer. But others still become critical exploits used to expose your computer to malware.
Particularly rare and unreleased vulnerabilities are known as zero-day exploits and carry a significant threat. Indeed, the CIA ran into trouble when it emerged hackers had liberated their previously unknown and top secret zero-day vulnerability stockpile, releasing powerful exploits into the wild—leading directly to the enormous WannaCry ransomworm.
Updating software isn’t always convenient, but it could save you and your system from serious trouble down the line.
4. Consider Additional Security Tools
The default security options for Windows 10 and macOS are okay, but you should always consider bulking that security out for maximum protection. Check out our list of the best security and antivirus tools for your system. These are Windows-focused, but many have macOS equivalents and are worth the small investment.
If you want security tools that specifically target keyloggers, check these two free options out:
- Ghostpress: a free anti-keylogger with an extremely small performance footprint. Features Process Protection to stop any other program terminating Ghostpress.
- KL-Detector: a basic keylogger detection tool. Once you detect a keylogger, it’s up to you to remove it, but the tool will alert you to the keyloggers presence.
Another worthwhile investment is Malwarebytes Premium. Unlike the free version, Malwarebytes Premium constantly monitors your system for potential threats. This alone drastically cuts your chances of picking up something nasty.
5. Change Your Passwords
If you suspect something is wrong, use a different computer to change your passwords. The measures listed above should provide ample protection against keyloggers, but there always seems to be people who have their passwords stolen even though they did everything right.
Frequently changing your passwords will help minimize the potential damage of a keylogging attack. Your password may be stolen, but it would be uncommon for it to be stolen and used immediately unless that keylogger was targeted directly at you (in which case you may have bigger problems than keylogging!). If you change your password every two weeks, your stolen information will no longer be useful.
Remove Your Keylogger…
These methods will help protect against keyloggers by decreasing their opportunity to infect your PC with malware. Furthermore, you’re taking steps to isolate the amount of data a keylogger can access in the event you happen to pick one up. And, although you can never have 100% protection, you can certainly empower yourself and your system in the battle against malware.