Try asking your ISP to give you a new IP address that should stop spoofing in its tracks if that's what is happening
I can change my own IP all day my changing my router's MAC address...
Ummm, that's not how it normally works.
Nah, it gives me a whole new IP address. I've done it long ago and verified success with whatismyip.
"Long ago", you could just unplug the modem from the Internet for 24 hours, connect it again and get a new IP assignment. But times have changed. If you have not verified this recently (like this morning) I would do it again.
Typically, the IP address the world (and the bad guy) sees is assigned by your ISP to your modem, not your router. If not, you could not troubleshoot your local network by isolating your Internet connection by by-passing your router and connecting a PC directly to the modem.
So I agree with Athlonite and give your ISP a call and explain the situation and ask for a different IP assignment. They will likely give you a hard time because available IPv4 addresses for the ISP are limited. so stand your ground. Be nice and polite, but firm.
Also, while the IP address is assigned to the MAC address of your modem, with many ISPs (like mine) they assign that IP to the account which is tied to the billing or street address. I discovered this when I bought a new DOCSIS 3.1 modem to replace my old 2.0 modem. The new modem got authorized and assigned my old IP address.
And I agree to change your wifi passphrase. You (or your fiancée) might have given it to some visitor at some time in the past. HOWEVER, for them to cause problems today, they would have to be physically located close to your network in order to connect - like next door.
And while unlikely, make sure nobody physically connected an unauthorized device on your Ethernet network. This, of course, would require someone had access to your home - a "trusted"
house guest. So you would need to inspect all your Ethernet cables and look for an unauthorized device - perhaps hiding in the attic, basement, or closet. And if you find an unauthorized device, it might be time to change your door locks, search for hidden cameras, and call the police too.
What should I do to look for security issues?
Check your router's admin menu. Most (if not all) router's. let you see the connected devices. Verify each one. Sadly, this may not be easy because not all devices nicely and uniquely identify themselves. For example, I have 2 devices connected to my wifi network, both labeled as "network device". I have to click on each one individually to see one is my Sony Android Phone and the other is my Samsung Blu-ray player.
You might also change you local network settings to limit the maximum number of connected devices that can connect to your network at one time. You can set a range of DHCP IP assignments your router can issue to your devices. So, if between you and your fiancée, you have 4 computers, plus a smart TV, smart phones, and smart door bell, you could limit the connections to 8 devices only. You can also enable MAC Filtering to only allow access to the devices with specific MAC addresses.
If you don't need Guest Network, disable it.