large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

What is a keylogger?

A keylogger is a hardware or software device that captures typed input to your computer or mobile phone / tablet. A form of spyware, keylogger malware is frequently used along with automatic screenshot tools to steal banking and other login details and send them back to a malicious actor, usually via a file upload.

Keyloggers are also sold as security software for use in both home and enterprise environments. In the UK it is illegal to install a keylogger on someone else’s computer or phone without permission.

In the workplace, including Bring-Your-Own-Device environments, businesses must inform staff and get their written agreement if keylogging will be carried out, have a privacy policy and be able to give employees all data about themselves and their activities within 40 days.

It is illegal for someone to use a keylogger to spy on your private life. While home users are allowed to install keyloggers on computers or smartphones they own, using them to monitor without consent or steal data from family members, housemates or friends is usually illegal under the Computer Misuse Act (1990) and may be classed as stalking under the Protection from Harassment Act (1997).

Parents who wish to use keyloggers to spy on their children’s online activities should inform them that they will be doing so. Children have a right to keep their personal electronic communications private under the United Nations Convention on the Rights of the Child (UNCRC) article 16, and the Human Rights Act (1998).

50% off Kaspersky Internet Security

50% off Kaspersky Internet Security

Protect your browsing, shopping, chats & data across your PC, Mac & Android devices. Get award-winning antivirus plus a range of tools built to guard your private life and identity.  Now 50% off from just £17.49 per year

  • Kaspersky
  • 50% off
  • £17.49 per year
Buy now

Hardware keyloggers

Hardware keyloggers are less commonly used for generalised fraud, but may be used in targeted attacks. That includes executive fraud and industrial espionage, but also more personal situations such as stalking and domestic abuse.

They’re most often USB dongles that sit between the keyboard and computer and log data to an SD card or share it with an attacker via Wi-Fi. Versions intended for subterfuge often take the form of a USB extension cable to make them less obvious. Entire keyboards have also been designed with integrated keyloggers, although these are primarily used in security research and quality assurance scenarios;

Threat vectors

The threat vector for keylogger fraud is much the same as any other kind of malware:

  • It can be downloaded and run on your computer via a contaminated website
  • It can be deliberately introduced to your device by a malicious actor with physical access
  • It can be sent to you as an email attachment with a message that deceives you into running it
  • It can make its way into your PC as the payload of malware on a contaminated network or physical media

Prevention and detection

To protect against keyloggers, keep your antivirus software up-to-date, so that its real-time protection modules can accurately detect any keylogger malware as soon as it hits your system. If you’re using Windows’ built-in antivirus, Microsoft Defender, make sure that your Windows updates are also current.

Many antivirus suites include sandboxed environments for online banking that are designed to lock our software keyloggers and screenshotters. These include Kaspersky Internet Security and Eset Internet Security.

50% off Kaspersky Internet Security

50% off Kaspersky Internet Security

Protect your browsing, shopping, chats & data across your PC, Mac & Android devices. Get award-winning antivirus plus a range of tools built to guard your private life and identity.  Now 50% off from just £17.49 per year

  • Kaspersky
  • 50% off
  • £17.49 per year
Buy now

Keylogging software can cause unexpected slowdowns and odd cursor behaviour, especially on lower-spec devices, but don’t expect to be able to spot it. Run an on-demand scan if you see any suspicious behaviour.

Your usual antivirus suite will include capable on-demand scanning. For on-demand scanning, just in case you want to check against an additional malware signature database, Malwarebytes provides a capable free product for Windows, macOS, Android and iOS. Unusually, Malwarebytes will cheerfully run alongside either Windows Defender or any third-party real-time malware protection suite you have installed.

Linux users can install ClamAV and the helpful ClamTk graphical front end from their distribution’s repository or from source to.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.