Email

How Secure is Your Email?

As recently as a couple of years ago, most email services did not encrypt the contents of your emails. This has changed in the past few years so that all large email vendors encrypt email messages. Despite this, email remains a major vulnerability on the Internet as scammers continue to use phishing and other attacks to rob their victims. Furthermore, even secure email vendors such as Google may allow other parties to get access to parts of your email. You should assume that your email has limited security.

The Value of Temporary and Disposable Email Services

There are good reasons to (sometimes) use a temporary/annonymous email service to send and receive emails:

  1. To avoid spam:

    When you register for a website that requires a valid email address, using a temporary email service allows you to avoid using your real email address, which might otherwise be sold/compromised by the web site you are visiting.

  2. To protect your identity (for example when contacting buyers and sellers on Craigslist):

    Even though sites such as Craigslist hide your real email address initially, once contact is made between buyer and seller, eventually you may need to divulge more information. The use of a temporary email address allows you to set a time limit on how long the other party can contact you.

  3. To figure out who is selling your email address:

    When you register on a website that requires an email address, you can make the name of that website part of your temporary email address. If spam emails arrive at that address, you can be fairly certain that the website you visited sold your email address to a 3rd party.

Of course, hackers and scammers also have access to these temporary email tools. They can use them to maintain their annonymity while conducting their fradulent business.

Some providers of annonymous email services are listed below:

  • Guerrilla Mail - https://www.guerrillamail.com/
  • Temp Mail - https://temp-mail.org/en/
  • Fake Inbox - http://www.fakeinbox.com/
  • Nada - https://getnada.com

Email Data Mining: The Wall Street Journal Raises Privacy Questions Surrounding GMail

The following is an excerpt taken from a Wall Street Journal article that appeared in 2018.

By Douglas MacMillan

July 2, 2018 11:14 a.m. ET

Google said a year ago it would stop its computers from scanning the inboxes of Gmail users for information to personalize advertisements, saying it wanted users to “remain confident that Google will keep privacy and security paramount.” But the internet giant continues to let hundreds of outside software developers scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools. Google does little to police those developers, who train their computers—and, in some cases, employees—to read their users’ emails, a Wall Street Journal examination has found.

Activity: Send e-mail using Python

  1. Look at your email server settings. Update this info in your Python file.
  2. Use Python to send email to multiple people.
  3. Read the list of people you want to email from a separate file when sending email to multiple people.
  4. Personalize the email for each recipient.

Questions for Discussion

Do some additional research to help you answer the following questions:

  1. What could you do to ensure additional privacy when sending e-mail?
  2. What expectation of privacy do you have when sending e-mail?
  3. How could you automate e-mailing many people?
  4. Why do e-mail services “read” your e-mail? What is their goal?