An eavesdropper may be able to gain access to a user's account (e.g., an email account, a social networking account, an online bank account). For example, an eavesdropper can obtain access to the user's account by guessing the user's username and password based on common phrases and numbers. Alternatively, an eavesdropper may be able to install malware on a user's computer (e.g., when the user selects a link in an email message). This malware can then provide the eavesdropper with the user's username and/or password the next time the user logs into his or her email account. An eavesdropper may also be able to gain access to a user's email account via spy software, via a phishing website, via implementing one or more computer commands (e.g., Linux commands), etc.
Once the eavesdropper gains access to the user account, the eavesdropper often performs eavesdropping activities but does not change the state of the account. For example, the eavesdropper may read an unread email and then, after reading the email, mark the email as unread. Thus, the eavesdropper does not change the state of the email account and, when the user logs into his or her account at a later time, the user will not know that the user's account has been compromised.