A keylogger (short for keystroke logger) is a tool designed to monitor and record each keystroke typed on a computer's keyboard. Keyloggers are often used as spyware with malicious intent to collect your personal and account information such as credit card numbers, user names and passwords.
Legitimate use cases do exist for keyloggers. Parents can supervise their children’s online activity or law enforcement may use it to analyze and track incidents linked to the use of personal computers, and employers can observe employees' computer activities.
Keyloggers can be either a software version, or a hardward based device. While Software keyloggers are by far most prevelant, it is important to understand the differences between both types.
A hardware-based keylogger is a small device that serves as a connector between the keyboard and the computer. The device is designed to resemble an ordinary keyboard connector, part of the computer cabling or a USB adaptor, making it relatively easy for someone who wants to monitor a user's behavior to hide such a device. These types of keyloggers can be easily removed
Malicious software keyloggers and spread in much the same way as other malicious programs such as viruses and trojans. They are installed on your system when you open a file attachment that you received via email, text message, P2P networks, instant message or social networks. Keyloggers can also be installed just by you visiting a website if that site is infected.
Hardware based keylogger is highly unlikely, especially if your computer is secure and private in your own home, but there is a possiblity to get hit with a hardware keylogger in a public environment. Since a hardware keylogger would most likely use a USB port to function, it is adivisable to do a quick check to make sure nothing malicious is plugged into your USB port.
Software Keyloggers are much harder to detect. As there are various types of keyloggers that use different techniques, no single detection or removal method is considered the most effective. Since keyloggers can manipulate an operating system kernel, a task manager isn't necessarily enough to detect a keylogger. Installing a good antivirus, as well as anti-keylogger software are both good options to keep you safe.
Take caution when opening attachments: Keyloggers can be present in files received through email, chats, P2P networks, text messages or even social networks. If someone sends you an email out of the cold or the contents of the email are asking for your personal information, chances are there's a keylogger in there somewhere.
Enable 2-Factor Authentication if it is available for the services you use. This additional security measure will ensure security fo your account even if a keylogger has recorded your username and password.