We use the term malware to refer generically to the multiple threats to which IT systems are exposed every day. However, this word covers a whole range of concepts with which, on the whole, most users are unfamiliar.
Although this is perfectly understandable (one of my favorite maxims is that “you don’t need to be mechanic to drive a car”), it’s not a bad idea to have an understanding of the mechanisms used by the different types of malware. So let’s start with something simple: keyloggers.
A keylogger is simply a component (generally software, although hardware-based keyloggers also exist) that registers keystrokes on a keyboard without the user’s knowledge.
Not too nasty really, is it? Nothing could be further from the truth. Keyloggers are used to steal information entered by users, such as:
- User names and passwords for starting OS sessions social network credentials.
- Credit card numbers. Keyloggers are a crucial element of many banker Trojans that steal this type of data and send it to hackers, who profit financially at the expense of unwitting users.In fact, most banks now implement measures in their Web services to protect against this threat, such as virtual keyboards.
In any event, the advice that we generally give for other types of malware also applies for keyloggers:
- Don’t download or run files from dubious sources
- Only browse trusted sites
- Use a good, up-to-date security suite.
And, of course, use your common sense. These are the best weapons in the fight against malware.