The term consists of a combination of “key,” referring to device keys and “logger” for “record, log.” Keyloggers (keystroke loggers) are hardware or software that logs keyboard input. As a result, cyber criminals, as examples, identify passwords and PIN numbers and then abuse them. Keyloggers are considered malware, as well as the sub-category, spyware.
What does the term “keylogger” mean in detail?
There are technically different keyloggers:
- As hardware, they can be connected between the keyboard and the computer, for example.
- As software, they can be installed on the computer, itself, or other devices within the network.
- You can save entries that can be read later, or you can transfer the read-out data via the Internet.
- Keyloggers can be smuggled onto company-owned computers
- Keyloggers can also be located in or on other devices you use, such as when travelling (hotel lobby, Internet café, free Wi-Fi hotspot, etc.)
Keyloggers are also available for sale to businesses and consumers. According to German law (Penal Code § 202a, spying on data) keyloggers may only be used with the knowledge of the user. So in companies, as an example, the union can agree to the use of keyloggers.
Where do I encounter keyloggers in my daily work?
You will potentially always encounter them, whenever you use your keyboard, even on business trips.
What can I do to protect myself from keyloggers?
In your company
- Many measures to increase cyber security also include preventive measures against keyloggers. In addition, we recommend:
- Regular visual inspection of connected hardware for hardware keyloggers
- Targeted use of current virus and anti-spyware programs to detect and remove possible keyloggers
- As a general rule: if possible, do not enter any confidential data on unfamiliar computers!
- Only after consultation with your IT officer – possible protection against hardware keyloggers: a virtual keyboard (can be activated with a few mouse clicks on most operating systems)
- Only after consultation with your IT officer – possible protection against software keyloggers: “contaminate” your passwords. To do this, click outside the input window with the mouse while entering your password and type in a few random letters. Click inside the input window, again, and continue typing in your password.
Interesting background information
Information from the Lower Saxony police on "Phishing by Keylogger" (topic still has to be selected in the overview)
The Wikipedia article about keyloggers with illustrations of exemplary hardware keyloggers:
Credential stuffing is the automated use of exposed username/password combinations to gain access to user accounts and, if necessary, to take them over completely.mehr lesen
Honeypot refers to special, secured networks that are set up as a trap for hackers. Just as a honeypot attracts wasps, the digital honeypot is supposed to attract cyber criminals.mehr lesen