I hope Yahoo Mail can add these 2 new features as security measures:
First, restrict sent email from being deleted right after the email has been sent. Instead, allow a 24-hour (or at least 12-hour) time limit on all sent emails from being deleted so that the user may know if someone else (such as hacker) has been hijacking his email for sending out spam. And in case that is so, what kind of spam and to who will be known as such email will stay at least 24 hours in the record before it can be deleted or auto-deleted.
Second, logins from different country IP should be recorded for up to 1 year to identify in case of hacks and where the hack originated.
I am suggesting this because this is the second time someone used my email to send out spams to others and I have no idea when and where the hacker is from and what and to who the spam is being sent to because there is no record that track such behavior for investigation. All I can do is to change my password. But in case the hack is from within Yahoo or from my own browser or from other IP address, no one can find out for sure because there is no record of such data.
Therefore, if sent emails can be prevented from being deleted right away, then at least an investigation can be done to figure out the hacker's modus operandi for further investigation.
Hi. If you suspect your account may be hacked knowing the warning signs and what to do if your account has been compromised is important. Hackers may change the settings in your Yahoo Mail account to disrupt your inbox or get copies of your emails. You can review and secure your account further here https://help.yahoo.com/kb/sln2090.html
-
Heng Cheong commented
I learned of such hack just recently from a mailer daemon that notified me an email message from my account was sent to another account that does not exist. When I checked the sent email folder, everything just look normal. I also learned hackers can send spams and thereafter delete the sent email to avoid being traced. So if all sent emails can be prevented from deletion for at least 24 hours (or 12 hours minimum) then any hack would raise alarm and allow some evidence for investigation on the nature of such spam and email.