Mail security

    Emails have disappeared from the mailbox

    If emails disappeared from your Inbox, they were probably moved to another folder, like Deleted or Spam. If you remember the name or the address of the sender, a part of the message wording or the subject, try to look for the email in all the folders in your mailbox.

    Restoring emails from the Deleted folder

    If the missing emails are not found under Deleted, it is possible that a month has passed since they were moved to Deleted and that the folder was emptied automatically. Therefore, such emails cannot be restored.

    If the emails were deleted less than a month ago, you can restore them. To do this, go to the Deleted folder, select the required emails, click on Move to folder and select the required folder from the list.

    Why do emails go to Deleted and how can it be avoided

    The other mail service is set up for the collection of emails from your Yandex mailbox

    If you have a mailbox at another mail service that has a mail collector set up to import emails from your Yandex mailbox, then your emails will be automatically deleted from Yandex.Mail. To resolve this problem, enable the option to save a copy of forwarded emails when you set up your Yandex.Mail to forward to another address. Then disconnect the mail collector on the other email service.

    A message deleting rule has been configured.
    Make sure the mail handling rules are not configured to delete incoming mail. If there are any, try to disable them temporarily and see whether messages will be received in the Inbox.
    Another user has access to your mailbox

    Emails can be deleted by a user who, for some reason, has access to your mailbox: you may have forgotten to close your session on somebody else's device. To close the session, click Log out on all devices in the account menu. You can also do this on the page Passports from the link Log out on all computers.

    Go to the session history log and check for any delete email operations.

    Restriction. The log stores about 2000 operations. If more than 2000 actions were performed after deleting emails, data on the delete operation will not be displayed in the log.

    If you are sure that only you have access to your mailbox, test your computer with an antivirus software, change the password and alternative address. Also check if there are any unknown numbers on the Phone numbers page.

    Phishing (online fraud)

    Phishing refers to a variety of Internet scams that are designed to collect confidential user information (account passwords, credit card numbers, PINs, etc.). Fraudsters send out emails under the names of companies, services, or social networks that closely resemble authentic messages.

    Phishing emails

    Fraudulent emails may ask you to do the following:

    • Provide your username and password to a given service or site (for example, allegedly due to problems with delivery or system failures). Most often, the From field of these types of messages contains “Customer Support” “support” or “admin”.

      Yandex staff members and Support will never ask you to send your login information.

    • Send an SMS to a short number (allegedly to confirm your identity or activate your mailbox). SMS messages to short numbers usually costs more than other SMS under your rate plan, but information about this inflated cost is usually withheld or given in a part of the message where it is least visible. As a result, an arbitrary amount, most often 100–200 rubles, is debited from your phone account right after the message is sent to the short number. In a number of situations, a feature debiting daily funds from your phone account may be enabled.

      Be cautious: Yandex will never ask you to send SMS. Instead, it sends SMS to you. You do not need to answer these SMS.

    • Fill in an application (supposedly to participate in a prize drawing or receive a gift). This type of "application" usually asks for your passport information and credit card number in addition to your full name and contact phone numbers.

      If you receive a message about Yandex holds a drawing for prizes, contact us by using details on http//company.yandex.ru/contacts and get more specific information. If there is a drawing, make sure you are not asked to pay for the prize delivery in advance or pay a participation fee, because Yandex never offers to pay for what you yourself have not ordered.

    • Click on the link to the site (for example, to enter your username and password). These sites look like the sites of actual companies or services, but they are actually fake. Scam artists can easily get access to any information entered by the user on these types of webpages. To distinguish fake sites from real ones, check its address in the address bar. Phishing sites often contain typos and meaningless sets of characters in their addresses.

    How to prevent becoming a victim of fraud

    Carefully view all incoming mail and check link addresses so as not to fall victim to phishing scams. Phishing links often contain a meaningless combination of characters or typos. Never pay for purchases or bills you are not sure about; never send SMS to suspicious numbers; and never give your Yandex password to anyone.

    Yandex.Mail marks all phishing emails with a special warning:

    If you discover a phishing or otherwise suspicious email that is not marked with a warning, please let us know using the feedback form and include its properties.

    What should you do if you fall victim to fraud

    • Contact the police if funds have been unlawfully debited from your account.
    • If you have followed a phishing link, check your computer for viruses with the help of free antiviruses such as CureIt! from Dr.Web and Virus Removal Tool from Kaspersky Laboratory .If you followed a phishing link, check your computer for viruses using a free antiviruse program such as CureIt! from Dr.Web and Virus Removal Tool from “Kaspersky Lab”.
    • If you entered your password on a fake page, be sure to change it in your Passport, link your phone number phone number to your account, and change your security question and answer. First you should check your computer for viruses, though. If you lost access to your account, follow the instructions to restore access.

    Session history

    Yandex.Mail log stores the history of changes made in your mailbox, as well as IP addresses from which authorization was made.

    Actions that have no visual implications (e.g., reading previously read mail, visiting a folder, etc.) are not displayed in the log.

    You may view the data for the last 7 days (about 2,000 actions).

    Attention. Session history contains reference information and makes it impossible to cancel executed actions (for example, to recover deleted emails).

    To open the session history, click the Last username link at the bottom of the page (if the last change to the mailbox was made more than 15 minutes ago) or Session history (if less than 15 minutes have elapsed since the last modification).

    You can also view the log from the menu Settings  → Security.

    The log shows your current IP address and other IP addresses under which you recently logged into this mailbox. All of the log's historical data is grouped by dates.

    To view detailed information for any day from the list, click the link with the date. The list displays the time of the action, the IP address of the device from which the change was made, and the name of the action.

    Mobile phone confirmation

    A confirmed mobile phone number is required to recover your password or receive notifications. If you forget your password, you can specify your phone number to receive a recovery code in SMS.

    Note. If you do not use a mobile phone or Yandex does not support sending SMS to your operator, you can recover your forgotten password at an alternative email address or by answering a security question.

    You can add your phone number on the Phone numbers page. Enter the number and click Add To confirm your number, enter the code sent in the SMS to your number and your Yandex password, and then click Confirm.

    Note. SMS delivery time depends on your network operator and usually takes several minutes (maximum delivery time is 24 hours). If you do not receive the message, try requesting it again some time later.

    Potential problems and ways to resolve them are listed in the Problems with phone numbers article.

    HTTPS support

    If you are using an insecure HTTP connection and unreliable communication channels (for example, public access points) for Internet access, information from your mailbox (personal correspondence, passwords, phone, and credit card numbers, etc.) may be intercepted by intruders.

    Yandex.Mail uses HTTPS protocol to protect your mailbox. It provides security and confidentiality by encrypting your personal data before sending it to the server. HTTPS protocol is supported by all modern browsers.

    Attention. If possible, avoid connecting your devices to public Internet access points that do not utilize HTTPS protocol.

    To reduce the risk of data loss, use only reliable communication channels for Internet access which provide a secure HTTPS connection. If, for some reason, your Internet provider does not support this protocol, switch to a more reliable ISP.

    If, while working in a network, you find that the safe HTTPS connection is disabled, contact your system administrator to find out the causes for this and eliminate them.

    Attention. If the HTTPS protocol is not working correctly, the problem may also be caused by viruses on your computer. If all settings are correct and the protocol is not blocked by your provider or administrator, check your computer with an antivirus.

    Digital signature

    DKIM (Domain Keys Identified Mail) is an email sender verification technology which adds a digital signature associated with a domain name. This signature confirms that the message has not been intercepted and modified after being sent from the sender's mail server.

    The digital signature is designed to prove email authenticity and protects against spam and phishing. Messages are provided with a digital signature on the mail server of the email sender. The sender cannot add the signature themselves, unless they are the administrator of the server from which the email is being sent.

    If you are reading messages and see a gray mark in the From field stating Digital signature invalid, you should treat the contents of the message cautiously.

    To correctly display the digital signature, DKIM technology support is required from both parties (not just from the email recipient, but also the email sender). For this reason, invalid signatures from “honest” senders may raise a false alarm.

    If you are completely confident about the sender and still see the invalid digital signature message, just ignore this alert. You can also contact Support at the sender's mail service to prevent the alert from causing false alarms in the future.