Interception of email and hidden rules regarding forwarding - and I am a complete novice

I know next to nothing about my MacBook Pro or computers in general. I'm apologizing in advance if I'm asking things the wrong way or asking the wrong things.

I have three email addresses that are accessed through my apple mail program. One is my me.com Apple ID, the other two are my domain through Go Daddy. When I begin to type my name to cc myself, or send myself an email, I understood that at the list of email addresses that come up from which to choose includes those I have either directly added or have sent an email to. First, if that's correct, it's one point. The next is that if there's an email address that pops up, it isn't necessarily a contact, but could be. If this is ok, 2 points.

I'm into the 5th year of an ugly divorce. The other side is getting desperate as they haven't gotten anything from me. However, I have found, quite by mistake, at least three email addresses to which I would never have sent an email on even the Mac platform. One is a business email address I used in 2007/2008. The owner of the domain let it go in 2010. Yet someone else bought it in 2017, right around the time of things going on. Obviously, it's ownership is hidden. But I got an email that an outbound email to that email address had failed for some reason. I can't read the code or message that printed out, but that was a target email address for what seems like each and every email that goes out. Then I found another, which was using the newer mail.com domain of writeme.com. It was my name at writeme.com, and was my name @domain name.com. The third just showed up in my list of email addresses to choose from form past recipients. It's an Apple ID, also using me.com. it's my full name Jeffrey, unlike the others, but directly within apple mail.

So I've been dealing with this and other complicity since 2015, but I had a pre-funded debit card arrive in the mail two weeks ago and rapidly disappear from my mail. I immediately called the bank, and found that one two thousand dollars were spent or cash withdrawn on two days two weeks ago - immediately after the card was taken. I had assigned a dissimilar pin to one I've ever used before. Whoever it is also was able to get into the bank's website and into my account. The email address was subsequently changed to something very close to what my others are, but one I'd never use.

When I called the bank, they agreed that they are going to refund the money, but the bigger issues to me are two. One is an issue of "public good". The other directly affects only me and my soon-to-be-ex. To be able to get into the mail, get into a bank account over the web, get into my email account, to change the password, and then to spend money online, at a gas pump, but good two withdrawals for $500 each at the same trip to a bank ATM at the branch 4 miles from me.

It affects me as it invades lawyer/client privilege, lets out my documents, trial strategy, everything written or received or saved, and it's grounds for being disbarred if they attorney knows about it, and criminal for him/her to have seen it and not reported it, and grounds for criminal indictment on about another 8 federal and state laws.

I have opened files I've had for 8-10 years, and found them to contain entirely different documents than I expected. The files still as originally named, but the contents have been wiped clean or replaced by other document contents that aren't related to the dissolution.

It's been going on since I played tug-of-war with a Yahoo email account in June 2017. I had to change my password to get in, and within 30 minutes it had been changed again and I was blocked from accessing the account. I was able to get that password changed again, and I personally blocked my account and all access without a two step verification.

I have also heard of key logger programs, and again in 2017, three co-workers and I watched as outside hackers were on my desktop, opening Finder, looking at programs, and using or attempting to use passwords and opening secure accounts. At that time, we made the assumption, probably correctly that TeamViewer was the culprit opener.

If anyone can provide really simple explanations if possible, noting my level of real knowledge and bandwidth, and can help me find someone to go through this computer and about 3-4 others we've used since 2017, and find out how this is happening I would be very appreciative. If that person cannot only help locate someone who is looking in, but also find a way to look back at them and determine who it might be, I'd be more than appreciative.

I"ve been abused enough and am pro se in the action. I'd be very grateful for anyone who is able to help me figure this out.

I apologize again for the rambling.

Jeff