A keylogger is a program or device that monitors and records everything you type on a keyboard. This includes passwords, emails, search queries, login credentials, and private messages. Some keyloggers run invisibly in the background, whilst others operate at the hardware level (as USB devices placed between your keyboard and computer).
Why they matter: Keyloggers are among the most dangerous threats to personal security because they capture data before encryption can protect it. Once installed, they give attackers direct access to your most sensitive information. A single compromised account can lead to identity theft, financial fraud, or access to other accounts that share similar passwords.
Legitimate vs malicious use: IT departments sometimes deploy keyloggers to monitor employee activity or recover lost passwords. Parents may use them to supervise children's online behaviour. However, the vast majority of keyloggers are installed without consent via malware, phishing emails, or compromised websites. Even 'legitimate' monitoring software raises serious privacy concerns.
Common infection routes: Keyloggers typically arrive through trojan malware, infected email attachments, fake software downloads, or compromised links. They often hide within legitimate-looking applications or browser extensions.
How to protect yourself: Install reputable antivirus software and keep it updated. Use a password manager to reduce manual typing of sensitive data. Enable two-factor authentication where available. Be cautious with email attachments and downloads from unfamiliar sources. Consider using on-screen keyboards for entering highly sensitive information like banking passwords. Regular security scans can detect some keyloggers, though sophisticated ones may evade detection.