If you've entered the login details into a shady website, it's best to simply assume it has already been abused (and is likely still being used to send spam, and will be used in the future – until you change the password).

However, to find out how exactly it has been used you will need to check the server's log files – which depends on the mailserver you're using, and usually needs administrator privileges. It is not something you can find out directly through Outlook itself.

For example, Linux-based IMAP/POP servers keep logs in the "/var/log" folder. Windows-based servers might use the Event Log, or might have their own "Logs" folder. If you use Gmail or GSuite, then you can click the "Details" link at bottom-right corner of the website, next to "Last account activity".

This can go into three scenarios:

If attacker has already compromised your emailid/password,then he/she can login from browser to gmail.com or outlook.com , then only login activity provided by your email vendor is helpful. Gmail, usually asks for OTP on your device if it suspects that you are trying to login from a suspect location(ex. moscow).

If you are using an email client like outlook/thunderbird, then attacker can read the email(s) and destroy evidence of it as well.

Attacker might have set up a forwarding email address in your account by which he/she can get access to all the emails being sent currently.

WHAT WOULD I DO IF I WERE YOU:

1) Change the password from a fresh device and signout of all devices (still not reliable the attacker can be controlling your PC and can log all your activity) 2) Ask my friend to send an email like to my emailID

Hey Ashutosh,

Can you let me know the account number / wallet ID in which i can transfer you the remaining ammount?

Regards,
Bob

If the attacker is not so smart , he/she can get honeytrapped.