Keylogger - What it is, warning signs, and how to remove and prevent it

Keylogger

What it is

A keylogger is spyware that records what you type - passwords, messages, credit card numbers - and often tracks clicks and screenshots too. Criminals bundle it inside shady installers, phishing attachments, or cracks. For background and cleanup tips, see our keylogger explainer.

What you may notice

  • Sudden re-prompts for logins or missing 2FA texts

  • New startup items, browser extensions, or a “helper” you did not install

  • Odd spikes in network traffic when you are idle

  • Brief command windows that open and close quickly

How it gets in

  • Phishing emails and macro-enabled documents

  • “Free” repacks, keygens, and fake updates

  • Drive-by downloads from risky sites

Remove it now

  1. Disconnect from the internet to stop data exfiltration.

  2. Run a full anti-malware scan, reboot, then scan again.

  3. From a clean device, change passwords and turn on MFA for email, banking, and cloud.

  4. Check startup items, scheduled tasks, services, and extensions - remove unknowns.

  5. Watch accounts for unusual logins and sign out of other sessions.

Prevent it

  • Install software only from official sources - avoid cracks and repacks.

  • Keep OS, browsers, and Office updated and block macros by default.

  • Use EDR or reputable anti-malware with real-time protection.

  • Enable MFA everywhere so stolen passwords are less useful.

  • Consider DNS and web filtering to block malicious sites.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Hawkeye

        What it is Hawkeye is a Windows remote access trojan and keylogger that steals sensitive data like passwords, cookies, and credit card details, then sends it back to attackers. It can also install extra payloads and keep a quiet foothold on the ...

      • Data Execution Prevention

        What it is Data Execution Prevention (DEP) is a Windows safety net that stops code from running in places it shouldn’t—like the stack or heap. If malware tries to execute from those memory areas, Windows blocks it and shuts the app down instead of ...

      • Data Exfiltration

        What it is Data exfiltration is the unauthorized transfer of your data out of your device or network—quietly slipping customer records, passwords, designs, or finances to an attacker. It’s the punchline of many breaches: get in, get data out, cash ...

      • Data Breach

        What it is A data breach is when someone gets into a company’s systems without permission and steals sensitive info—customer names, emails, passwords, payment details, medical records, and more. For overview: see our data breach guide How it happens ...

      • Malware

        What it is Malware is any software made to harm your device or data. It can steal passwords, lock your files, spy on activity, or hijack your browser. For a quick primer and examples, see our malware explainer. How it spreads Phishing emails and fake ...