How to detect Keyloggers on iPhone or Mac

There simply is no logical way to guarantee the absence of keylogging software. There are only ways to determine the presence of certain, known key loggers; and even if you were to confirm the presence of a well-known one, it could have been installed in an effort to distract you from the presence of some lesser-known one more difficult to detect or eliminate.

There are a number of ways an email account can be "hacked" ranging from the mundane (looking over your shoulder, or having a surreptitiously installed camera aimed at your iMac's display) to literally guessing common passwords, to very popular and extremely successful phishing scams, to highly sophisticated means literally impossible to detect. The latter possibility is not even worth considering unless you are a high profile target of an investigation from entities with essentially unlimited budgets (federal law enforcement agencies for example).

You might be able to determine the presence of common, well-known keyloggers by examining certain macOS system folders. The easiest way to do that is to download and run EtreCheck, which you can read about here: Using EtreCheck. Post its report in a reply to this Discussion. Just beware that even if you were to find one, eradicating it is probably not something you should consider, because that Mac would be considered evidence in a criminal investigation.

Other ways of lifting your personal information might involve snooping on your wireless network. Protecting yourself from that possibility requires protecting your wireless network and all its equipment both physically and with secure passwords... with emphasis on both the wireless network and all its equipment. Anyone with physical, hands-on access to your Mac or the router(s) it uses can use a variety of techniques to eavesdrop on what you're doing.

Really, the first thing you should do is to ask yourself who might be interested in "hacking" your personal information. The usual suspects include future former spouses... etc. Unauthorized use of a personal computer is a crime and has been for many years, so if that's your concern you need help that goes far beyond the scope of this technical support site.

Download and run Etrecheck. Copy and paste the results into your reply. Etrecheck is a diagnostic tool that was developed by one of the most respected users here in the ASC and recommended by Apple Support to provide a snapshot of the system and help identify the more obvious culprits that can adversely affect a Mac's performance.

artsygrl17, it is unfortunate the nature of your question has only served to draw attention away from this salient point:

artsygrl17 wrote:

My passwords will no longer allow me to be logged into my email accounts.

That in itself is insufficient reason to suspect the presence of a keylogger on your Mac. As I wrote there are no conclusive methods to guarantee the complete absence of them, so you're better off just forgetting that assumption. It will not lead to a solution.

Having prematurely drawn a conclusion you are now being advised to download and install irrelevant, useless and / or potentially malicious junk that will only lead to misery. Do not use "Google" to find a solution. It won't help. Fix the problem.

Start here: If you can't send or receive email on your Mac - Apple Support.

Its title describes the problem you need to address, and provides several fundamental reasons for email authentication failure. Exhaust those possibilities first.

artsygrl17 has not responded since leaving the message.

allow me to add doubt that any emails were hacked, that more likely this is a misunderstanding of use of the email apps

(always assume the customer is giving you the wrong problem and description, always make sure the problem is repeatable, then answer, is a more strict rule to follow for answering off-the-cuff questions)

however, artsygrl17, java is used on various websites. around 1998 there were released "versions of java" that allowed websites to "control the edit window" (meaning they see what you type before you press send. very likely they don't "read it").

if your concerned about suspicious apps, a route is to "restore mac to factory" (see articles on that) and only install essential (trusted) apps from App Store

QuietMacFan wrote:

artsygrl17 has not responded since leaving the message.

allow me to add doubt that any emails were hacked, that more likely this is a misunderstanding of use of the email apps

(always assume the customer is giving you the wrong problem and description, always make sure the problem is repeatable, then answer, is a more strict rule to follow for answering off-the-cuff questions)

however, artsygrl17, java is used on various websites. around 1998 there were released "versions of java" that allowed websites to "control the edit window" (meaning they see what you type before you press send. very likely they don't "read it").

if your concerned about suspicious apps, a route is to "restore mac to factory" (see articles on that) and only install essential (trusted) apps from App Store

Maybe you are thinking about javascript rather than Java. Restoring a Mac to "factory" seems a little excessive to rid a computer of "suspicious apps". Because an app is in the app store does not guarantee that it is safe, good, or trusted.

artsygrl17 wrote:

Nobody used my computer.

I did not knowingly install any.

I'm not even sure that I ever did log into this email service on anything but my ipad.

It is then more likely that someone either acquired you email password through social engineering, or they guessed your password, or they used social engineering to get your email provider to change the password for them.

What is the exact message received from each email provider? Are all the email providers in the same domain? Note that Cellular data can be hacked while still in the air interface, however, it takes equipment and effort.

Is your Bluetooth transceiver activated?

Simple, simple question, is your "cap-lock" activated?

I have no idea the date that I opened the email accounts. I have a vague idea but it's not exact.

Did you happen to run a client on your mac. You may be able to find the emails.

for the iPad, you may be able to use iExplorer to read data in the app.This may depend on what version of ios and iphone you have.

Downloads · Macroplant

I had sensitive business info on those accounts.

One year when I was doing my taxes, I found that I could get all the records back. Some else has the info.

R

There are programs out there that you can get and run to see if there is a keylogger such as Easemon installed on your system. Google it. I've used one before and it worked great, and it was free.

If there is a keylogger discovered, you should be able to remove it without it's affecting your system at all. Your vulnerability would be in it's tracking your info and then emailing it to nasty people

& it's a keylogger too.

Comprehensive computer activity logs - never miss a thing

Easemon enables supervisors to see almost everything that has been done on the target Mac and Windows PC. It allows you to log, retain, review and report on employee activities including:

What keystrokes are typed

Did you allow anyone to use your computer?

Did you install any key loggers?

It would be extremely difficult to get one installed any other way.