A short background on email.
Email predates the modern Internet as we know it. In the early 70’s, the standards for email encoding were proposed, and in the 80’s, the core functions were established. Though email has come a long way, the basic text email that you and I send daily looks very much the same as that of 30 years ago. The basic components of an email such as sender, recipient, subject and body, have not changed. What has changes is the way in which we use email today.
Email started out as a basic communication tool and quickly evolved into a business necessity. Initially, both the sender and recipient needed to install an email client (such as Outlook) onto their computers to send and receive email. However, the mid 90’s saw the rise of web-based email. Microsoft Hotmail, originally founded by Sabeer Bhatia, was one of the first free web-based email websites. This simple shift from a desktop program to web-based email meant that anyone, and everyone, could access their emails anywhere. The downside of this is that most people didn’t, and still don’t understand that email is inherently unsafe for private communication.
As the title of this post suggests, email is as private as a postcard. When you click the “send” button, your email appears to make its way directly to the recipient. This is not the case at all. To illustrate, let’s see what happens when firstname.lastname@example.org wants to send an email to email@example.com. When Bob clicks on the send button, his email first goes through his company’s network (in this case Hotmail) to the public Internet. At this point the email will bounce from router to router till it makes its way to Tim’s company network (i.e. Yahoo). Yahoo will then direct Bob’s email to Tim.
While all of this happens in seconds, and seemingly by magic, the important part to consider is what happens when the email is bouncing around the public Internet. During this time, the contents of your email are at the mercy of the mail servers handling your request. Therefore, when some unscrupulous individual decides to snoop in on your message (and this does happen), your private message suddenly becomes very public.
How to stay safe.
Does this mean that email is flawed? Not at all. Being aware of the mechanisms by which emails are transferred through the web is the first step to protecting your privacy. Understanding that your message contents can be read by unauthorized parties should raise some flags. Just as you wouldn’t send your credit card number by postcard, or announce it on the radio, nor should you be sending payment information by email. Furthermore, sending a password by email could also result in your computer, or online accounts, getting hacked.
So how do you stay safe? Use this simple rule to prevent your privacy from being intruded. When trying to decide what to keep out of your email, ask yourself this one question. “If someone else could read all my existing emails, could they gain access to my bank info, social insurance, or other private information?” If the answer is yes, keep that information out. Instead, what you can do is to use the phone to transfer your information to the other party. Moreover, if you are making a payment, use the company’s secure website.
Most reputable companies will never ask you send confidential information by email. If you are asked to do so, I would look elsewhere. If the deal is too good to be true, it probably is.
As e-commerce evolves and new methods of communication arise, I’m sure you’ll have more questions. Feel free to post your questions in the comments below.