Regular Email is Completely Unsecure and Travels as Plain Text
It is important to understand that your email messages pass through several systems on their journey to the intended recipient(s). The system operators (or administrators or sysops) of each of those intermediary systems, and any snoops along the way, have the opportunity to read your messages. The analogy of emails being similar to postcards, rather than letters in sealed envelopes, is often invoked and it is a good one.
Therefore, unless you take special steps or use special apps or services to encrypt your email messages, they travel as plain text over the Internet and are vulnerable to being saved, copied or read along their journey.
Top Tip – In addition, it is no secret that employers (at least in the US) routinely monitor employees’ email messages. Employees should always assume that they have no privacy when sending email messages using their employer’s equipment or facilities.
If you are engaging in any sensitive activities by email you need to understand and appreciate the risks. Generally speaking, email is completely insecure and fully traceable. Just ask General Patreus. Whoops make that former General Patreus.
For most emails you send, this lack of security may be a reasonable trade-off for the convenience it offers. But for some of your emails you would be wise to take further measures to ensure that intercepted messages cannot be read by snoops.
You should never send any truly sensitive information by ordinary email. For sensitive messages, you should either encrypt your messages using something such as OpenPGP (free) or use a specialized secure email provider.
On its own PGP is not known for being easy to use, so consider a secure email service as they work similar to email services you are already familiar with such as Gmail or Yahoo.
Secure Email Services
The most secure email services include full encryption, not just as a secure HTTPS connection when signing in to them, but end-to-end encryption for message contents as well. Encryption helps to ensure that an email cannot be monitored, logged, analyzed and stored by your ISP, your employer, or snoops who have or gain access to the messages along their journey from you to the final recipient(s).
In the wake of Edward Snowden’s revelations, there are more email services touting security features. Thank goodness for that. However, you must choose wisely. Some services I recommend are found below, but you are encouraged to do your own research and a service most suitable for your needs. If you want to investigate other potential secure email services, type “private email accounts” or “encrypted email” into your favorite search engine, but do some due diligence to ensure the provider is reliable and trustworthy.
Please note that to fully benefit from the encryption features, often the sender and recipient must both use a compatible service or related app, such as the already mentioned OpenPGP (free).
Recommended Secure Email Services
AnonymousSpeech Secure Email ¢ features offshore servers outside US and Europe, anonymity (no logging of IP addresses) and encryption. AnonymousSpeech also supports the OpenPGP Standard for email messages without needing to install any apps on your device; it does all the complicated work for you seamlessly in the background. A free trial account is available.
HushMail has been in business since 1999, uses strong encryption and is considered a reliable secure email provider. Free accounts are available, but must be accessed frequently to remain active.