After a series of high-profile reports, it is widely known that the National Security Agency regularly monitors phone records as part of its surveillance program - and email messages might be next. With the ability to derive information that can trace messages back to their users - including their geographical location and the time the message was sent - email content and its associated metadata are prime targets for government surveillance, hacking and other malicious Internet activity.
In the past, email encryption provided by companies like Lavabit and Silent Circle have allowed their users to send private messages that are difficult to decrypt. Recently, both have discontinued their services in order to protect user information rather than hand it over to the government in the event of federal information requests, Forbes reported. Email is harder to protect compared to text messages and voice calls because it is dependent on Internet protocols, which can result in recorded user information.
"Email as it is standardized, is intrinsically insecure," said Jon Callas, co-founder and chief technology officer of Silent Circle, to BuzzFeed. "IP address geo-location has turned from a fantasy to a fine art. So, in every email you have a timestamp and an IP address that places the author in the exact space and time they were when they hit send."
Tips to Increases Email Security
While Lavabit and Silent Circle have shut down their services, another company called Hushmail said it intends to continue its protected email service. Using an encrypted email service adds another layer of security by making messages seem like gibberish if someone is monitoring another user's Internet activity. A service like Hushmail helps prevent data breaches caused by hackers by requiring a passphrase to decrypt messages before being able to read emails. Hushmail also allows users to include private email attachments and even access their inbox securely on Android, iPhone and BlackBerry devices.
Create Strong Passwords
As a first line of defense, users should choose passwords that are difficult for others to crack. Passwords that are considered weak use common words or phrases are vulnerable to hacking. Do not include passwords that include birth dates, phone numbers or street addresses, Computer Next Door suggests.
Create strong passwords using 14 characters or more that are easy-to-remember phrases instead of strings of numbers like 1111 that are simple to guess. Use unique passwords for different sites to make it difficult for hackers to access other accounts if one is compromised. Keep passwords in a safe place. Do not store passwords in a hard drive that can be stolen or misplaced.
Eduard Goodman is chief privacy officer at IDentity Theft 911.