Sophos report looks at risks of keylogging

Keylogging attacks are on the rise according to cyber security company Sophos and its latest threat report. We look at keylogging and how to avoid it.

According to the SophosLabs 2021 Threat Report, cyber attackers are on the increase and becoming more innovative in the methods they are using. They’re exploiting vulnerabilities with a range of malware software including, keylogger attacks.

A keylogger is a form of spyware. When you enter sensitive data onto your keyboard,  you quite innocently believe nobody is watching. In fact, keylogging software is hard at work logging everything that you type.

Keyloggers are activity-monitoring software programmes that give hackers access to your personal data such as the passwords and credit card numbers you type and the webpages you visit – all by logging your keyboard strokes. The software is installed on your computer and records everything you type. Then it sends this log file to a server, where cybercriminals wait to make use of all this sensitive information.

However, not all keylogging is illegal they do have legitimate, useful applications. For example, keyloggers are often used by IT departments to troubleshoot problems. Also, they can keep an eye on employee activities, which is perfectly legitimate. And on a personal level, you can keep an eye on what your kids are up to on your computer.

Keylogging becomes a crime if there is malicious intent. Simply put, if you install a keylogger on a device you own, it is legal. If a keylogger is installed behind the back of the actual owner to steal data, it is illegal.

Attack tactics like phishing and social engineering are some of the common ways keyloggers are installed. But there is another way this software can find its way to your computer. Imagine a scenario where you make your way to a file-sharing site and choose a software download, by doing so keyloggers can infiltrate your safe computer.

How can you avoid keylogging?

According to Sophos Labs prevention is better than cure and if you think your computer is a target for keyloggers, keep checking for unwanted software, and delete it. Sophos Labs other tips for avoiding keylogging include:

Don’t download files from unknown sources.

While entering password information on banking sites, use a virtual keyboard; in fact, use a virtual keyboard wherever possible.

Use a password manager, as the manager will automatically enter the password, making keystrokes redundant (no keystroke, no keystroke logging).

Use a powerful and next-gen antivirus and internet security suite that can keep your personal computer safe from advanced and evolved cyberattacks and identify and remove malicious software for you.

About Sophos 

Sophos protects over 450,000 organisations of all sizes in more than 150 countries from today’s most advanced cyber threats. The business also works with home users through its Sophos Home brand.

 

Share

Featured Articles

How secure is sensitive data stored in the cloud?

A Cloud Security Alliance (CSA) survey has found 67% of organisations store sensitive data in public cloud environments, but how secure is it?

CYBER LIVE LONDON: Day 2 highlights of the hybrid tech show

We take a look at highlights of the different stages at the Tech Live London show, including insights from Claroty, SalesForce and Oracle

TECH LIVE LONDON: An overview of the hybrid technology show

We take a look at the first day of Tech Live London with insights from technology leaders from companies such as IBM, Microsoft and Vodafone

Does a cashless society mean higher risk of fraud?

Cyber Security

5 minutes with Gary Brickhouse, CISO of GuidePoint Security

Cyber Security

CTO at Passbolt explains the importance of password managers

Application Security