Every now or then, I will open one of my four email inboxes to find a message notifying me of a “suspicious login attempt” from somewhere in a part of the world I have never visited. These messages often say something like, “Someone tried to log in to your email from Lima, Peru. Is this you? Disregard if so.” Of course, it is not me, so I end up changing my email password to something more secure fairly frequently. I have no clue what someone in Peru or any other part of the world wants to do in my email inbox (the only thing I assume they might find there is a list of confirmations for something I have ordered online), but there is personal information on my email accounts nonetheless, including my cell phone number and mailing address. This solidifies what has always been true: email is inherently insecure, and it is putting you at risk whether you realize it or not!
Email messages are sent through Simple MailTransfer Protocol (SMTP), so they are automatically sent without encryption or any real protections. While you can add your own protection and providers such as Google do their best to keep you as safe as possible, the sending of one message still puts your information at risk if it is not encrypted or otherwise protected. Your information can also be put at risk through messages with malware. Even if you are careful not to click on any suspicious link, one misclick can lead to your information being compromised through a virus that arrives through an email message. Additionally, inputting your information to pay for something or receive a promotion can lead to your data being compromised.
The best way to keep your email from putting and keeping you at risk is to delete messages that you do not need, minimize use of your personal device to access work or company information, and secure your email through encryption or other protections so that your information is kept safe and private.