Your IP: Unknown · Your Status: Unprotected Protected

Blog How-To

How to Protect Yourself Against Keyloggers

Oct 19, 2016 · 3 min read

How to Protect Yourself Against Keyloggers

You may not know what a keylogger is, but if you want to protect your privacy and security, you should learn.

Or you could end up being like Joe Lopez, a Florida businessman who filed a lawsuit against Bank of America because $90,000 had disappeared from his bank account to somewhere in Latvia. When the case was investigated, it was discovered that Coreflood, a keylogger Trojan, was the actual culprit.

Keyloggers, when they are installed or implemented on your computer, record every single keystroke you make and send that information off to some malicious destination. Keyloggers can come as software, such as in this example from Infosectoday:

Screen Shot 2016-10-19 at 4.37.07 PM(image of corporate VPN credential theft by Keylogger)

They can also come in various hardware versions, such as this one that connects to the keyboard port and intercepts keystroke data:

Screen Shot 2016-10-19 at 4.37.21 PM

Although there are a wide variety of hardware keyloggers, the most persistent, popular and terrifying are the software versions. That’s for the simple reason that hardware keyloggers are generally detectable. They may be hidden, but with little effort you can check your keyboard port or see if there are any strange devices sticking out of your USB port.

So now you know what it is, how can you protect yourself against it? We’ll look today at a few ways to prevent keyloggers from stealing your information.

Use a Password Manager

Keyloggers work, as we said before, by intercepting your keystrokes from your keyboard to the computer either through hardware or software. Thus, they really can’t log something that hasn’t been typed.

This is where password managers come in handy. Instead of you needing to type in a password to one of your more sensitive and important accounts, your password manager will have it saved for you. All you need to do is click on the account and it will be filled in for you. No typing required. No keys to log. LastPass and 1Password are reputable password managers for all your devices.

This also works with the autofill function on most browsers today. They let you “enter” information through previously entered information. That way, again, no typing, no keys. To enable ‘browser memory’ options, however, you’d need to allow cookies, which we’d advise against.

An aside: there has been some discussion on whether your on-screen virtual keyboard can solve this problem, as you’re clicking, not typing. However, that is usually argued against, since a keylogger, being malware, can get around that problem as well.

Use Anti-Malware

Keyloggers are malware. Or rather, malicious keyloggers are malware. There are legitimate keyloggers that are used by businesses and other organizations who are careful with their sensitive information.

Because malicious keyloggers are malware, it would make sense to keep your anti-malware (i.e. Malwarebytes) up-to-date. And if you don’t have it up-to-date because you don’t even have it, then, you now know what is the next item on your to do list.

With keylogging at its highest level since 2004, and generally increasing across the board, you should be protecting yourself against that threat. And all threats. Malwarebytes is a great anti-malware program that has been shown to keep a careful eye on existing and up-and-coming keylogging programs.

Be Careful (and Smart)

The best knowledge, of course, is just to use your common sense. Most viruses and malware come from one of two ways: either you went to a site and downloaded something you shouldn’t have, or you opened an email and clicked on a link you shouldn’t have.

Related: What to do if faced with a suspicious email?

No matter how good any system of protection is, if you don’t exercise caution or double check to see which sites are shady and which are legitimate, and which emails look sketchy or authentic, you need to start being more vigilant.

With the proper tools and education, you’ll be better prepared to face the malicious online world.

October is Cyber Security Awareness month, and NordVPN is offering 70% off its yearly fee during the month of October. Simply go to NordVPN Pricing Page, choose the yearly plan, and enter ‘CyberAware’ coupon code at the checkout.

Christina Craig
Christina Craig successVerified author

Christina is a community manager and the heart, the voice and the soul of NordVPN. She is always up for a conversation with our community of users and blog readers.

Subscribe to NordVPN blog