If you’re tired of hearing about privacy invasions caused by using gmail, you may be wondering how to ungoogle without accidentally switching to another insecure email provider.
In this blog, we’ll identify the least secure email services so you can determine which providers to avoid and sign up for a service that prioritizes your email security and privacy.
what makes email providers insecure?
You usually get what you pay for when it comes to online services that provide top-of-the-line data privacy and security. free services, for example, are often funded by revenue from user data.
This means that the service provider has a vested interest in retaining access to your data, which creates privacy issues and security threats.
For email providers, any privacy policy that allows the company to access your inbox could result in your emails being exploited for marketing purposes using automated keyword search algorithms.
Also, if your email provider doesn’t provide strong client-side encryption for emails by default, government snoops may be able to access your emails through a court order. In addition, there is a threat of mismanagement and data leaks caused by the company.
The lack of end-to-end encryption for emails stored on company servers will also mean that cybercriminals can breach your emails, as keys for server-side encryption could be stolen from company servers. email provider.
what are the least secure email providers?
In this section, we will identify commonly used email providers that are known for poor handling of user privacy and data security. Many people use these free email services. however, in our opinion, it is much safer to migrate to an email provider that puts your privacy first. therefore, we recommend that you stay away from the email providers below.
yahoo mail
yahoo mail is perhaps the most controversial and insecure email provider on this list. Yahoo’s reputation took a serious hit in 2016 when it was revealed that the company had provided government snoops with backdoor access to hundreds of millions of user accounts.
To give the nsa access to those accounts, yahoo provided the government with a purpose-built tool that could be leveraged to mass yahoo backdoor email accounts. the specially designed tool was then used to search for keywords and information provided by US intelligence officials in all incoming emails.
Even with this controversy aside, Yahoo remains a free email provider that retains full control over its users’ email vault. as a result, you can theoretically access anyone’s mail at any time. What’s worse, those emails are at risk of cyberattacks due to server-side encryption implemented by the company.
It’s also worth noting that in 2017 Yahoo became a Verizon Media service, which means you must agree to Verizon Media’s Terms of Service to use Yahoo Mail.
those terms clearly remind users that personalization is at the core of its services and that, in order to provide personalized services and advertisements, it will leverage data from its users.
verizon media states that it will use “device identifiers, cookies and other signals, including information obtained from third parties” to track users. These are highly invasive practices, making Yahoo Mail a highly insecure and privacy invasive email provider. If you had any questions about how Verizon Media will treat your private emails, here’s the gist of it from their Privacy Policy:
verizon media analyzes and stores all communications content, including incoming and outgoing email content. this allows us to deliver, personalize and develop relevant features, content, advertising and services.
aol mail
aol mail is another email provider that is considered bad for user privacy and data security. The service became part of Verizon Media in 2017 after the company was successfully acquired along with Yahoo.
As a result, anyone using AOL Mail must agree to Verizon Media’s Terms of Service and Privacy Policy. this gives the company full access to people’s incoming and outgoing emails, which means that when you use the service, you agree to give the company full access to all your emails:
The privacy policy also specifies that the company collects large amounts of personally identifiable information to track users’ habits, identify their interests, and serve them personalized content and ads.
this includes “device-specific identifiers and information such as ip address, cookie information, mobile device and advertising identifiers, browser version, operating system type and version, mobile network information, device settings and software data”.
In addition, the company reminds users that it “can recognize your devices” to provide “personalized experiences” and advertise “on all the devices you use.”
Add to this the risks posed by server-side security and the potential for data leaks and data breaches it creates, and you can see why this is one email service that cannot be considered secure. Finally, Verizon Media has now agreed to sell AOL and Yahoo Mail to private equity firm Apollo in a deal valued at $5 billion. this could mean further changes to the terms and policies of email services.
gmail
google is a company that already has a lot of data about internet users. the company has a mountain of marketing information about people, which it uses to identify their tastes and habits.
this data is collected every time you use google to perform a search or browse the internet with its popular chrome browser. Add to this the data it can collect from Android phones through Google services, and you begin to understand why Google controls so much information about consumers.
Having a gmail account only increases the level of surveillance the business can perform, and google has been known to scrutinize the subject lines and content of emails. That said, the company finally stopped scanning email content for marketing purposes in 2017. However, it still scans email subject lines and allows third parties to access information in emails.
In fact, even when Google claimed to have stopped automatically scanning emails for marketing purposes, the company admitted that it still allowed third parties to access users’ inboxes. this allows those third parties to snoop on the sender and recipient, the time an email was sent, and even the content of those emails.
Also, it’s critical to remember that google completely controls access to your inbox, meaning it can read your emails if it wants to for research and development and surveillance capitalism purposes, and it almost certainly will. done through automated means. to collect information about people.
Despite your claim that you do not use the content of emails to market to users, your google account details are used to serve ads to your gmail inbox.
it is true that google is a company that strives to prevent unauthorized access to email accounts. it is now forcing users with a paired device to set up two-factor authentication and has strong measures in place to detect unusual activity.
However, it is worth remembering that any company that completely controls your email vault keys could, in theory, be subject to a cyberattack that allows hackers to steal your email vault keys. . and the company could receive an arrest and gag order forcing it to provide access to people’s emails by the government.
perspective
Outlook is Microsoft’s email service, and while it’s not as intrusive as some of the other services mentioned in this guide, it’s also not an email service that can be considered secure.
This should come as no surprise because Microsoft is known to engage in high levels of surveillance capitalism, primarily by collecting considerable amounts of telemetry through the Windows operating system.
That said, according to Microsoft, “outlook.com is a free personal email service from Microsoft that does not scan your email for the purpose of serving you ads.”
This is certainly better than many other free email services. However, it is important to remember that Microsoft still controls the keys to your email vault. It is also an American company based in the United States, which means it may be subject to arrest and gag orders that force it to provide access to data stored on its servers in total secrecy.
The lack of client-side encryption means you can search your emails if you want, and while you claim you don’t use the content of emails for advertising, you may be able to leverage them for other purposes, including training. improve their algorithms and develop new products.
In addition, it is possible for Microsoft to suffer a cyberattack in which the encryption key for its email vault is stolen from its servers. As a result, hackers may be able to access your emails.
apple mail
apple mail is a service that is considered more private than the other email providers mentioned in this guide. Apple does not use user emails for marketing purposes, for example. however, the company controls access to your emails and automatically scans those emails to improve its software services.
That said, vulnerabilities have been discovered in apple mail and ios in the past, and the company has come under fire for failing to properly recognize the severity of those vulnerabilities and address them quickly. As a result, security experts harbor concerns about Apple’s ability to protect email accounts, should more vulnerabilities be discovered.
More recently, Zecops, a San Francisco-based mobile security company, discovered two serious security flaws in iOS Mail. those vulnerabilities exposed users to serious security issues that could have allowed hackers to access the content of their email accounts. Furthermore, according to Zedops, the vulnerability in Apple’s mail application was exploited in at least six cyberattacks in the wild.
The fact that Apple hasn’t fully hardened its email services in the past doesn’t bode well for the future, which means it’s hard to call its email services truly secure.
It’s also important to note that Apple is a completely closed source platform, so while the company may make wild claims about privacy, it’s impossible to know what it’s doing with people’s data. This means that there is an element of trust involved in how Apple manages people’s accounts and data.
this raises concerns, because despite apple’s claims to be in favor of consumer privacy within its services and products, the company has conflicting policies and has consistently failed to shore up its ecosystem to prevent apps on the apple store perform invasive levels. tracking (something you could do if you wanted to because you have full control over what appears in the store). this raises serious questions about his true motivations.
is it time to move to a secure and private email service?
The answer to this question is almost certainly yes! Free email services provided by major corporations expose users to privacy and security risks, as they all have questionable terms of service and privacy policies that threaten their users’ privacy.
After all, these companies offer free email services for a reason; they want to access those emails for research, development and marketing purposes. The important thing to remember is that when a service is free, it is because you are paying for it with your data.
Anyone interested in higher levels of email security and access to encrypted emails that no one can access is encouraged to switch to an email provider with strong privacy policies that promise not to scan emails and provide email security as pgp natively. within your applications to allow you to send emails protected with end-to-end encryption.