Keystroke logging is an act of tracking and recording every keystroke entry made on a computer, often without the permission or knowledge of the user. A keylogger may be either hardware- or software-based, and has its uses as a legitimate personal or professional IT monitoring tool. However, keystroke logging can also be used for criminal purposes. More commonly, keystroke logging is malicious spyware that is used to capture sensitive information, like passwords or financial information, which is then sent to third parties for criminal exploitation.
Why Keystroke Logging is a Threat
When you are unaware that everything you type onto your computer keyboard is being recorded, you may inadvertently expose your passwords, credit card numbers, communications, financial account numbers and other sensitive information to third parties. Criminals can exploit information by accessing your accounts before you even know that your sensitive data has been compromised.
Keylogger malware may reside in the computer operating system, at the keyboard API level, in memory or at the kernel level itself. Keylogging can be hard to detect because it doesn't always cause noticeable computer problems, like slow processes or glitches. It can be hard to detect even by some antivirus programs because spyware is good at hiding itself — it often appears as normal files or traffic, and can also potentially reinstall itself.
Fortunately, it is possible to protect your computer from keylogger software. Keeping your operating system, software products and Web browsers up-to-date with the latest security patches should always be part of your security solution, but the best defense is to install a good anti-spyware product that protects against keylogging malware, or a complete Internet security solution with strong features to defeat keylogging.