Keyloggers: Beware this hidden threat

How it works

Keylogging, formally called “keystroke logging,” is exactly what it sounds like: It’s when a user’s keystrokes on a computer, tablet, or phone are recorded and tracked. This is sometimes done in an IT monitoring environment, or for studying human-computer interaction. Even Windows 10 has a creepy keylogger, to collect your info for… reasons. Fortunately, you can turn it off.

[ Further reading: The best smart locks and deadbolts ]

They’re also used by law enforcement. The FBI brought down Philadelphia mob boss Nicodemo Scarfo Jr. in 1999 when it installed the Magic Lantern keylogger via a Trojan. The spyware recorded his every keystroke, which the Feds were able to use to piece together their case. In 2007, the DEA used a keylogger to take down an MDMA (Ecstasy) lab.

But keylogging is more commonly done for nefarious reasons—without the user’s consent or knowledge that everything they type is being surveilled, and saved for later by whoever is spying on them.

The threat to you

Obviously criminals use keyloggers. They scrape up passwords, credit card and banking information, personal details, and more, to use in identity theft and other malicious deeds. Think about what you type every day that reveals sensitive information, like your bank account, and you can easily see what’s so worrying about keyloggers.

But thanks to commercial spyware companies, everyone is a potential victim of keylogger spying. These companies take digital spying tools, typically used by actual government spies and malicious hackers, and package them into easy-to-use bundles. These are marketed and sold to parents who want to monitor children, suspicious spouses, nosy employers, and more.

Of course, they’re purchased and used by more than that, and for a lot of creepy and unethical purposes. A recent expose showed that “ordinary people—lawyers, teachers, construction workers, parents, jealous lovers—have bought malware to monitor mobile phones or computers, according to a large cache of hacked files from Retina-X and FlexiSpy, another spyware company.” The tools enabled easy keylogging for anyone with $50 to spend.