Defending Against Keyloggers
Educate your users about the importance of following these guidelines to limit the risk of damage from keyloggers.
A keylogger is a program that records everything that you type on a keyboard. All keystrokes are stored in a log file, hence the name "key logger." The log file is intended to be read by a third party that is typically unknown, remote and malicious.
A keylogger can be housed in a hardware device that plugs into the keyboard port on your computer. Hardware keyloggers cannot be detected by software, but they have the drawback of requiring physical access to a computer. If you suspect a hardware keylogger is present on your system, inspecting the keyboard's connection to the computer or replacing the keyboard will solve the problem.
What can you do? The most effective defense against all types of keyloggers is to install anti-spyware and anti-virus software and keep it up to date. Keylogger spyware often invades your PC system via a viruse, Trojans or other malware. Your anti-spyware and antiviral are your first line of defense.
- Enable your firewalls. In most instances, a keylogger has to transmit information to a third-party to do any harm. Firewalls are designed to prevent outside access to your computer.
- Obtain and use an automated form-filler password manager, particularly if you often enter personal or financial information at any website. These form fillers encrypt and save this confidential information and automatically fill it in, so you won't have to type it in. However, there are other forms of spyware which can intercept data posted to forms by form-fillers
- Consider using an on screen keyboard to eliminate the keyboard connection. However, the text has to get to its destination somehow, and that path may be vulnerable to clever keystroke loggers.
- Use encrypted keyboard drivers. These encrypt your keystrokes at the driver level (the first layer between the keyboard and the operating system), then feed them in decrypted form to the software application. The result is that keyloggers see only the scrambled keystrokes. Be aware that your anti-virus program may flag these programs as malware, but you can safely ignore any such "false positive" alarm.
- Use a one-time passwords (OTP) or alternative login methods (like the LogMeIn QR code login) where possible. An OTP is automatically invalidated after use.
- Use two-factor authentication (also known as two-step verification).
- Exploits are being found in software all of the time. Keyloggers, like most variants of modern malware, can exploit software vulnerabilities to inject themselves into your system unbeknownst to you or your anti-virus service. A malicious website could use such an exploit to install a keylogger on your PC.
- Avoid phishing scans! The outcome of a successful phishing scam may be a keylogger on your system. Various techniques are used to confuse people (legitimate looking links, replicas of the actual websites, etc.), so be extremely careful with emails and social media messages.