How to see if someone has been snooping on your devices
Check for suspicious activity on your phone and laptop.
This story has been updated. It was originally published on August 17, 2021.
With so much sensitive data on our phones and laptops, it makes sense that we don’t want unwelcome visitors snooping around. That’s why it’s essential to take some security precautions. But you might have let your guard down, and now you think somebody may have spent a few minutes with your hardware.
You can easily run some basic checks to help you figure out if you were a victim of an intruder. These diagnostics won’t necessarily provide definitive proof, but they can give you a pretty good idea if someone’s been scrolling where they shouldn’t have.
(By the way, if you want to lend your phone out to people every now and again, there are ways of doing it safely).
Checking your smartphone
Apps can’t hide on smartphones. If someone has installed an additional app on your handheld device, you’ll be able to see it in the main list. On Android, open Settings and pick Apps, then See all apps. On iOS, just open Settings and scroll down to see everything that’s installed.
You can specifically look at recently installed apps too, but only on iPhones. Scroll to the App Library screen (it’ll be to the right of all your home screens), and you’ll see there’s a Recently Added window showing the last apps installed.
If you have web and app activity logging set up for your Google account, this will show what’s been happening on any Android devices linked to your Google ID, and any Google apps you’re signed into on iOS devices. Visit the My Google Activity page on the web to set up this feature, and see which apps an intruder might have used, or what websites they might have visited.
Don’t forget that the latest versions of Android and iOS also keep local logs of device activity, if you’ve enabled the feature. Pick Digital Wellbeing & parental controls from Android Settings or Screen Time from iOS Settings. There, you can dig in to see which apps have been in use over the past 24 hours or the past few days—if there are apps you don’t remember using, it might be a sign that someone else has been on your phone.
Then there are the activity logs inside individual apps, and your mobile web browser is a good example. Open up Chrome for Android, tap the three dots (top right), then choose History to see recently viewed web pages. In Safari on iOS, open any tab, tap the book icon, then hit the clock icon to open the browser’s history.
If you’re an Android user, another useful place to check is your notification history. From Settings, tap Notifications, then Notification history to see alerts that have come in recently. It’s possible that if an unwelcome guest has been on your phone, there will be some traces of what they’ve been up to here.
Regardless of your operating system, you’ve got plenty of other options too—open your phone’s gallery app to see recently taken photos, for example, or open your email client and switch to the sent items folder to check if any messages have been sent in your name. Apps like YouTube and Netflix let you look back on what you’ve viewed recently as well.
These checks, of course, don’t really give you any guarantees. For example, someone could send a message on your phone and then go back and delete it before you have a chance to check. But they might turn up some clues of suspicious activity.
Checking your laptop
Checking your laptop for recent activity is similar to the process we just described for your phone. Looking at the installed apps is a good start: On Windows, open up Apps from Settings, and head to the Apps & features screen. You can sort the list of apps by installation date to see if something unfamiliar has been added to your computer.
On macOS, head to the Applications folder in Finder. Here you can group the installed apps by date by clicking View, Sort By, and Date Added. There’s also Screen Time on a Mac, which works just as it does on an iPhone or iPad. Open the Apple menu, then choose System Preferences and Screen Time to see which programs have been open recently.
Digging back through your web browser’s history may reveal activity on your laptop you didn’t know about. In Chrome, for example, you can click the three dots (top right), then History to see it. In Safari, choose History, then Show All History. Any other browser you or someone else might have used will have a similar history feature that shouldn’t be difficult to find.
[Related: How to clear your web history in any browser]
Any kind of activity related to Google apps—from search to Gmail—will be logged on the My Google Activity page in your account. It’s handy if you use Google apps inside your web browser a lot.
Another idea is to check the list of recently edited files, which might reveal unauthorized activity. On Windows, type “run” into the taskbar search box, choose the Run app, and run the “recent” command—a list of recently edited files will appear. It’s a little easier in macOS, because you can just click the Recents link in Finder.
It’s also worth diving into individual applications to see what you can discover about recent activities. For example, image editing programs, word processors, and many other apps will have a list of recently opened files, which you can check out. In Excel for Windows, for example, go to File, Open, and Recent. Other programs will have something similar.
Remember that a lot of websites and web apps will give you a customized breakdown of your recent history, too. You can very easily bring up your YouTube history or your Netflix history and check if there are any unfamiliar movements.
If someone other than you accesses your computer, there are certainly ways for them to get around the checks we’ve mentioned. For one, browsing the web in an incognito or private mode so it won’t show up in your history is an easy option most people know about. Keep this in mind and treat these checks as helpful pointers rather than conclusive evidence that your laptop has or hasn’t been accessed.
