Sending an unencrypted email is often likened to a postcard, in that anyone who wants to read it just needs to look at it. Obviously this isn’t good, especially when you need to send personal information to someone else, such as your bank details.
The way to get total privacy is to encrypt your email, and there are a number of ways to do that. We'll explain them, and we'll show you a supremely easy way to send an encrypted message that will self-destruct 30 seconds after opening, just like in Mission Impossible.
Bear in mind that most instant messaging services are now end-to-end encrypted, including Skype, WhatsApp and Facebook Messenger (plus iMessage for Apple users). So if you need to send a private message it may be just as easy to do so on one of those services.
How can I send encrypted email in Gmail and Outlook?
Most of us use email because it’s convenient and easy to retrieve from almost any device we own. So it’s good to know there are options open to users of Gmail and Outlook.
Back in 2014 Google announced that it was making encryption in Gmail the default setting for all users. This means that so long as you are using the official Gmail apps or accessing Gmail through the Chrome browser then your email is already encrypted.
But, and this is a big but, this only holds true if the recipient is also using Google apps. Once the email leaves the Google servers, say when you send it to your friend who uses Yahoo Mail, then the encryption is no longer applied, as otherwise the receiver wouldn’t be able to read it. So while this is certainly a big step towards security, it does leave some rather large holes that could compromise your privacy.
Then of course there is the issue that Google itself, or at least software created by the company, scans your emails for keywords so that it can serve ads that will be applicable to your interests. In many ways it’s the price you pay for the free service. Google of course maintains that the content is never actually read by a person, but if you are worried about the sanctity of the data it might be better to use a plugin such as Snapmail.co which we explore below.
It’s not surprising to find built-in features for encryption in Outlook for those with an Office365 subscription. Setting it up is a little more challenging though, but then that is often the trade-off with any security feature. The first thing you’ll need to do is exchange digital signatures with your recipient so that both of you will be able to unencrypt the messages. To create these you’ll need to follow the Secure email messages by using a digital signature guide on Microsoft's site.
With this accomplished you can write your email, then when you’re ready to send it select Options > More Options > Message Options > Security Settings > Encrypt message contents and attachments.
Sadly these features are not available on Outlook.com or in the Mail app for Windows 10, as they are restricted to paid subscribers.
What if I don't use Gmail or Outlook?
There are a number of decent alternatives out there, with Tutanota, Ghostmail, and Protonmail all proving excellent options. At the moment you can have free accounts on these, although they do come with restrictions on usage in regards to the size of emails you can send and the storage available.
Secure services either require the recipient to also be a member of the platform, or to possess a password you give them to unlock each email. This might seem cumbersome when compared to the likes of Gmail, but is a necessary level of security that is very effective against hackers and government agencies.
If you’re happy to use an IM style of communication then Mega offer a secure chat feature as part of its free cloud storage package. Again your recipient would need to be a member, but as it doesn’t cost anything and also affords you 50GB of storage, this might actually be quite enticing.
See also: Best online storage services
How do I send messages that self-destruct?
Another method is to use software that deletes the messages shortly after they’ve been read. As an example for how one of these secure message service works we signed up to Snapmail, which allows users to send ‘self-destructing text emails for Gmail’. It all feels very James Bond, but is actually quite easy to get to grips with and involves almost no international villainy.
The first thing to do, assuming of course you use Gmail, is to visit the Chrome web store and search for Snapmail. When you’ve found it click the Add to Chrome button and the extension will be installed.
Now click the three lines in the top right of the screen and from the drop down menu that appear select More tools>Extensions, then scroll down until you find Snapmail and ensure that it is enabled.
To send an encrypted email you’ll need to launch Gmail, compose your message, then you’ll notice that there is now a Snapmail next to the Send button at the bottom of the window. This means you can choose to only encrypt certain emails rather than every one, but remember that any sent by Snapmail will automatically be deleted. Click the Snapmail button to encrypt your message.
When the email arrives in your recipient’s inbox it’s accompanied by the warning that it will self-destruct 60 seconds after they open it. Sadly there are no voice messages or puffs of smoke to add to the drama.
It’s worth contacting the recipient before you send the email, as the Snapmail one does look a little suspicious, requiring you to click on a link. Usually we’d advise strongly against this as it’s how most phishing attacks take place, fooling the user into clicking on a link to a false version of a website where you unwittingly enter your account details. But in this case it’s actually helping you instead.
Just remember to read quickly!