The evolution of technology also has a downside, unfortunately. It has introduced identity thieves to new ways to conduct their criminal activity, from email scams and online dating schemes to hacking and data-collecting viruses.
One of the most malicious identity theft tools is known as a “keylogger.” The term describes programs or devices that secretly record all the keystrokes you make while typing on your computer. The keylogger tracks and relays the specific keys you hit to a cyber thief, who then has access to everything you type, be it a password, your Social Security number or bank account details.
Keyloggers are often doubly dangerous because they don’t just track keystrokes — many capture screenshots of what is stored on your computer, the websites you visit, folders you open and the things you search for. If this is starting to sound familiar, it may be because many modern employers use keyloggers too — not to collect login information, but to keep an eye on their employees. Which goes to show, determined hackers can turn almost anything into a tool for identity theft.
Today’s malicious keyloggers come in three forms:
- Physical: This type of keylogger is installed physically onto a victim’s computer. It usually looks like a USB drive or hardware connector (like the kind on the end of your keyboard) and is connected between the keyboard and the computer. Physical keyloggers can even be installed on cash registers, as retail chain Nordstrom found out.
- Remote: This type of keylogging targets wireless keyboards. A large antenna is set up at a remote location, close enough to capture wireless signals. If the wireless device isn’t encrypted or password protected the hacker can gain access to the user’s keystrokes. This type of keylogging also targets electromagnetic signals generated by ATM machines.
- Malware: This is the most common type of keylogger. Malicious code downloads and installs itself on your computer after you click on a suspicious link, download an email attachment or visit an infected website. The code installs keylogging software which collects and transmits your personal information.
Protecting yourself against keylogging is important. Many people look to their touchscreen tablets and laptops in relief, but the truth is your keyboard doesn’t need to be physical to be affected by a keylogger. A better way to decrease your risk is to follow these steps:
- Use anti-keylogger software: People often assume that virus protection is enough to stop most threats. However, most anti-virus programs cannot detect keylogging software. You want a solution that specifically addresses keylogging.
- Use safe surfing tools: As more internet users become aware of email malware and avoid clicking links, hackers are turning to websites to deliver their code. Safe surfing tools can tell you if a website is trustworthy before it loads.
- Watch where you type: Public computers and networks don’t have the kind of protections we install at home on our private devices. Avoid accessing online bank accounts and never shop online with your credit card from public computers.
It’s also a good idea to change your passwords regularly, particularly for important financial accounts. Additionally, signing up for a credit monitoring service can alert you when certain activity occurs in your credit files that might indicate that a keylogger has gathered your information and is using it for fraudulent purposes.