Stay Safe Series – Keyloggers

Password Security

In the fourth installment of our Stay Safe Series, today’s Volusion blog discusses the troubling tactic of keylogging. Keylogging is the act of installing a piece of hardware or software to keep a log of the keystrokes typed into your computer. Keep reading to learn how keyloggers are installed, what they’re capable of and how to protect yourself.

Have you ever had the feeling that someone in the next room is talking about you? You know, when the keyboard is clicking a mile a minute and you’re sure every other word is your name? Maybe it’s sheer paranoia, or maybe someone 3000 miles away actually has that information at their fingertips. Thanks to an unknown keylogger installed on a computer, hackers can track every single keystroke and learn quite a bit about your everyday life.

Keyloggers have actually been around for years, being used as a spy tool to gather important information. In its early stages, these devices were physically attached to a machine but have now developed into more of a software application, particularly malware. Regardless of format, the end goal is the same: capture your keystrokes to gather personal information.


There are three main types of keyloggers that you should be aware of:

  1. Hardware keyloggers – This type of keylogger is a piece of equipment that is physically attached to ones computer, typically between the keyboard and the machine itself. While this type is the most powerful and readily available (try a Google search for ‘keylogger’ and you’ll be shocked), it also requires direct access to a machine to be installed.
  2. Keylogger software via a hooking mechanism – This is the form of keylogging that you should be most aware of. In this case, the keylogger is attached via malware, typically through a trojan horse. Thus, you’ll download an unsuspicious file (the trojan horse) that contains the keylogging software (malware). Once installed, the controller has full access to all of your keystrokes and passwords, even those on autocomplete.
  3. Kernel keyloggers – Kernel keyloggers are the most invasive of all. Since the software is installed at the kernel level (the connecting pathway between software and hardware), it’s virtually undetectable and replaces the core software for interpreting keystrokes.


Keylogging can actually provide some benefit, including the monitoring of children’s online activities or recording work hours for contract employees. For the most part, however, keylogging applications are malicious in nature and are intended to capture your personal information, including: usernames, passwords, credit card numbers, social security numbers and financial information. And just like that, you’re another victim of identity fraud or theft.

While these applications can be tough to detect, there are quite a few warning signs that you’ve been affected:

  • Slow performance: Take a look to see if your internet connection is abnormally slow, if your computer takes longer than normal to boot or if your operating system seems delayed.
  • Different settings: If your homepage has changed to an unknown site or there are additional icons on your desktop, there is cause for concern.
  • Excessive pop-ups: This is a major sign that a keylogger has been installed, which can prevent you from entering websites before you get started.


So how do you protect yourself and your online business from this disturbing security threat? Fortunately it’s the same advice given throughout our Stay Safe Series: use common sense. Here are the easiest ways to keep your keystrokes personal and private as intended:

  • Don’t open attachments from unknown email senders
  • Don’t click on weird-looking pop up ads asking you to download “missing” software
  • Activate your firewall to prevent threats from entering in the first place
  • Install anti-virus software on your machine and keep it updated
  • Scan all attachments before download, even if you know the sender


Use these tips to safeguard your online business and your personal information from others. That way, the next time you fear someone is talking about you online, you can put away your worries and smile. Your secrets are safe from keylogging fraudsters.


Happy (and safe) selling!
-Matt Winn, Marketing Associate


Have you ever heard of keyloggers before? What do you think about this security threat? Do you have any other advice on how to stay safe? Ever been a victim of a keylogging attack? Any questions? Please share your feedback below!


Matt Winn is Volusion’s Senior Brand Manager, where he helps oversee the organization’s branding and communications efforts. Matt has created hundreds of articles, videos and seminars on all things ecommerce, ranging from online marketing to web design and customer experience. Beyond being a certified nerd, Matt is an avid college football fan, enthusiastic home cook and a self-admitted reality TV junkie.

4 Responses to “Stay Safe Series – Keyloggers”

  1. Hardware keylogger

    Software based key logger easily detected by anti virus.And it is difficult to trace whether your system is fixed by a key logging hardware or not commonly it is installed in jack of keyboard and record all the key stroke of user.

  2. Cecile

    How do you remove a keylogger?

    • Matt

      Good question. If it’s a physical keylogger (unlikely) then you’ll need to find the hardware and take it off. If it’s a piece of malware, your anti-virus software should be able to identify and remove it. If it’s not being recognized by your anti-virus software, you can take your computer into a service station and have an expert manually remove the code from your system. Have you been affected recently?

  3. Stay Safe Series – Keyloggers » Ecommerce Blog

    […] O&#114igi&#110al post &#98&#121 Matt […]


Leave a Reply