How Do Keyloggers Work?

How Do They Work?

• Keyloggers generally work by intercepting the chain of events which occurs in microseconds between when the person using the computer in question makes a keystroke and when the keystroke manifests on the person's computer screen. The keylogger makes a note of what key was pressed before such an interception, and passes the same information onto a log, which can be seen by its "masters." This is a process that takes a very small fraction of a second, making it completely impossible for the person whose activity is being monitored to notice that anything is amiss.

Legitimate Uses

• Legitimate applications for keyloggers include where they are applied in office and industrial settings to monitor what employees do on their computers. The idea is to prevent unauthorized computer use, which can have major implications in sensitive settings--such as when computers are used in military installations and where unauthorized computer usage could result in espionage. They can also be used as a tool for enhancing efficiency in work situations, as employees are more likely to do only work-related things on their computers, knowing that they are being monitored through the keyloggers. Other legitimate applications for keyloggers include where they are used domestically by parents to monitor what their kids are doing on the Internet. Of course, keyloggers interfere with the privacy of computer users, and there are some cyber-ethicists who argued that, seen in this light, there is no legitimate use for keyloggers, as what they do are mostly things that can be done through less intrusive methods.

Illegitimate Uses

• Clearly illegitimate applications for keyloggers include where they are used by cyber criminals to fetch sensitive information from people's computing sessions (for instance their online bank account passwords) and then later using the same information to fraudulently access such peoples' accounts and make unauthorized transactions. Spouses using keyloggers to monitor each other's cyber-movements can also be considered illegitimate use, as is where a country's spies could potentially find a way of getting keyloggers into the computers used in another country's security installations, and thereby getting "free" and illegitimately-obtained intelligence.

Falling Victim to Keyloggers

• It is important to note that keyloggers are not always things you install on your computer voluntarily. This is especially so when the keylogger is meant to be used by cyber-criminals to obtain your personal information for fraudulent use, where they can hide the keylogger behind some other so-called "free" software download (in what is called a Trojan model), so that when you install the "free" software the keylogger also gets installed on your computer and starts recording your computing session and sending the information it obtains to its "masters."

Protecting Yourself

• To protect yourself against keyloggers that are spread as Trojans, avoid downloading and installing "free" software unless it is a program you really need--and when you do, ensure that you only download software from reputable sources. Install and maintain an up-to-date copy of a reputable anti-virus and anti-spyware software program, as the modern versions of these have functionality to protect you from unauthorized keylogger activity. Other steps like the use of virtual keyboards can also help protect you from falling victim to illegitimate keylogger activity.