Most internet cafes aren't going to have their staff doing that sort of thing, as it looks bad for business...but that doesn't mean that someone else hasn't installed a keylogger on those machines.



Aside from not using public computers to access important accounts (and using different passwords for those critical accounts), your best bet would be to look for sites that offer two-factor authentication (SMS messages to your phone, token generators to put on your keychain, etc.). While not ironclad, two-factor authentication makes it harder to be caught by keyloggers (since the keylogger will only catch half of the necessary information, as the token is always changing.)



As for tracing access, that's typically done by whoever owns the site you're logging in to, unless they offer some sort of access log as a method of verifying that your account is in order. (This is a good thing, IMO, since it's an extra set of eyes on the account access, but not every site offers it.)

The question which you have raised aptly indicates the flaws of advanced programming.

If the systems were to have have been purely hardware based, only electromagnetic and acoustic keylogging would have come up.



The event driven functions rather than state driven functions in typical operating systems ,significantly encourage such activities.

Also, nothing works out if laws are flawed and if laws are not implemented properly.



Any form of online keylogging can be traced back. This is because of the fact that traces are indirect manifestations of IP addresses.

So, when keyloggers upload or when keyloggers are downloaded, there is a sufficient amount of trace.



Now coming to offline keylogging,

I think the question has to be reframed- Will any traces be left if someone else logs into my account with my password?



Though this is an infringement upon the scope of cybercrime, I find this one more suitable.

Because, It does not really matter if someone has your password but does not use it.

Think of it in this way: If a person has your credit card and the password and he does not use it at all, what harm will it do?



For the time being, let us restrict our discussion to email accounts such as yahoo and google accounts.



Now the problem arises if your account is accessed.



Case 1: The account is accessed from different computer apart from the ones which you would have used in your lifetime.

Say the ones in your friend's homes or in the internet centres (particularly from locations entirely different from that of yours).



Case 2: The account is accessed from the same computer or from computers in the nearby locations.



To tackle case 1,



The IP addresses can be traced back and can be eventually stated as a hack as the system would have never been accessed by you.

Even if further evidence is required, the travel documents can be checked up - say passport etc which are extremely obvious.



Now coming to case 2, the real very serious trouble comes in. It seems as if there is no other way but to give up.

It seems as if illegal activities are legally permitted!



But, a way can be found out.



Case a: The attacker uses the account to check out all mails, to send out mails and deletes some of the inbox emails.



Case b: The attacker uses the account to check out all mails, send out spurious mails but, reverts back everything to make it look completely normal by deleting the mails what he would have sent and also by marking read messages as unread.



Case c: The attacker uses the account to check all the mails and marks them unread and does nothing else.



There is one parameter here:



Case p: The attack happens from the system which you would be using.



Case q: The attack happens from a different system.



In the case a, the attack is obvious if sent mails are known and if it belongs to case q, the trace is apparent.

But, if it belongs to case p, then, may be the internet cafe or the particular 'friend' will have to be questioned.

But, if a mail from inbox is deleted, then, the trace is left in google and yahoo servers but, the user who prompts such deletion becomes obscure. In such cases, timestamps come in handy.

If the hacker comes in at the same time when the user is using, then, multiple user notification comes in. Else, the origin of the IP can be used. If the IP belongs to internet cafe then, the user registration details can be asked. The problem lies with friends' IPs. If they do email sorting stuffs like the way you do, then, most of the works like registration for some events, sending emails ,deleting unimportant mails etc should have been done. If this has not happened in the particular IP for particular access time, the events are questionable.



If the person happens to login just after you logout, then, he might be having just 3 or 4 mails. Or the person just logs in, quickly takes screen shots of your inbox and sent mails and logs out. What can be inferred?



In cases like these,

it is really very difficult but, not impossible.

The person who does it can be traced by IPs. If the friends IPs are detected in case they transfer these photos or any material online, it can be verified. But, however, if it is done offline through USB sticks and such stuffs, it is definitely illegal but, nothing can be done until such materials are got. And in few cases, it can certainly be known when people speak about it.

The question is "How do we know if the screen shots are taken?".

The answer comes in when such incidents as logging out immediately are enquired using IP information. Friends who use such IP may also have to be enquired. This may be facilitated by other accounts which are open at the same time in the same IP address.



So, case a leaves traces.

Case b evidently leaves traces.

Case c has the same issue as that of a when coming to sorting issues.



Let us extend your question a bit. What if fake accounts are created in your name?



The legality of such fake accounts has been obscure. It is very strong in yahoo while somewhat weak in Google.Creating accounts with fake names are pretty easy even in giants like Google. It just needs First name, Last name, Date of birth and the Gender with a specified username. In fact, I have created an account temporarya346@gmail.com and have not responded to recovery options and there it is- The account is fully functional. This fact has been tested.

What if something wrong done by this fake account comes on you?

How do people know if you do stuffs through fake accounts and simply shrug your shoulders off or you are really innocent and somebody else does it?



To resolve this, the owners of all accounts which are in discrepancy need to be inquired.



Finally, moving onto online banking, they operate pretty much the same. But, many bank offer additional security hardware. Be it RSA secure ID or a tag or a digital signature or whatever. But, if the bank account details are got, then probably, there is only one thing that can happen. Money transaction. Here, the sending, receiving and storing or forwarding do not come into picture. Obviously, the amounts are generally sent. I mean SENT. So, the recipient accounts owner can possibly be held responsible for such a motive.



Everything apart, remember that prevention is 1000 times better than cure. I have heard of a story wherein a man was jailed for 5 years for using his wife's account and himself getting the password from the password book which his wife had maintained. But ,I have also heard of a $200 billion cyber-crime industry. Be careful. Also, this might be applicable for repeated guessing type password cracking.



References:



http://en.wikipedia.org/wiki/Computer_security



http://en.wikipedia.org/wiki/Cyber_security_and_countermeasure



http://en.wikipedia.org/wiki/Internet_safety



http://en.wikipedia.org/wiki/Cyberstalking



http://ask-leo.com/someones_created_an_account_in_my_name_what_are_my_options_to_stop_them.html

change all your account passwords cos keylogging apps will log any password info.

monitoring-softwares dot com