You have to screen the events signed by the key and eventually spot something weird that doesn't belong to you.
Usually the easiest way is to follow yourself.
Discussion
So being that I am mainly using amethyst and primal, the events signed by the key would be notes I publish and interactions I have with others, zaps etc.? I wonder how to spot that if it is happening on client I don't normally use that's not necessarily a social network? 🤔
It depends what the attacker want to do with your key. For example he could just change your lighting address in the profile to forward himself your zaps. You can also use some tools to list all your events, included those that are not notes, but unfortunately it's not easy to detect if an event was signed by someone else,l. You have to take care of your key in advance.