The Best Email Encryption Services for 2023

Encryption software is used to scramble data in a way that the information contained is concealed and unreadable to all parties that do not have the proper authorization. A piece of text that is readable by humans can be made incomprehensible via encryption. This is made possible by cryptographic keys that the sender and receiver of a message have access to which can then be used to decrypt the encrypted message and reverse it to its legible form. Encryption is important because it protects sensitive information against cyberattacks. Currently, the best way to make sure data is safe while in transit, storage, and at rest is to encrypt it. Another reason why data encryption has become very important is because of new laws such as the Data Protection Act where the law now requires that companies (regardless of size) must take steps to protect data from hackers. Not only that, but the law also requires that companies protect data from being misused and shared illegally. As business owners often need to store customer or staff information, encryption facilitates this, whilst complying with data protection regulations. comply with the law.

Best Email Encryption Services

The best email encryption services work with the existing email address of the user and offer multiple encryption options. Another key feature is two-factor authentication and bonus features such as cloud storage and file sharing facilities are also useful. This guide will detail the best email encryption services for 2023. Readers will also learn the different types of email encryption services available and the type of service suited to a given type of customer. By the end of this guide, readers will know the answers to the most common questions and issues that come up when online consumers want to sign up for one of the best email encryption services for 2023.

The best email encryption services for 2023 are given below:

  1. PreVeil
  2. Tutanota Premium
  3. Virtru Email Protection for Gmail
  4. Private-Mail
  5. SecureMyEmail
  6. StartMail
  7. Zoho Mail
  8. ProtonMail
  9. Hushmail
  10. CounterMail
  11. Runbox
  12. Barracuda Email Encryption Service

1. PreVeil

PreVeil Email is a premium end-to-end encrypted mail service. PreVeil offers enhanced privacy and security along with easy-to-use apps for regular usage. The main function of PreVeil is to protect email messages for users already making use of standard email services such as Apple Mail, Gmail, and Outlook, among others.

An image featuring PreVeil website homepage
PreVeil’s major security features include encryption for both sending and receiving messages on both desktop and mobile devices. PreVeil also offers biometric authentication and instant notifications of new messages. A unique feature of PreVeil is that it does not need to be downloaded onto the PC (apps are available though). Neither is the customer required to change email addresses to use encryption.

The paid features of PreVeil include unlimited storage in addition to end-to-end encryption, data restoration, and password-less protection (which are also available in the BASIC free package). More expensive packages unlock access to more security features such as Administrator protection, a trusted communities feature, FIPS 140-2 compliant encryption technologies, and support for 5 or more users.

An image featuring email encryption concept

Users who want encrypted email communications will find PreVeil very easy to use. The service provides dedicated apps (for those who want to use PreVeil via apps). There are also Chrome extensions and web interfaces available as well for all major platforms. To further make PreVeil apps easier to use the service also provides detailed tutorials on the official website.

PreVeil gets top marks for email privacy since the service uses the best security technologies available today without making things complicated for the end-user. In terms of reliability, PreVeil performs well. The service is available to both individual users and companies and organizations which generally indicates that the service is reliable enough for companies to trust sensitive data with the service.

An image featuring email encryption service concept

The official website places the sign-up button on the homepage. Clicking the button allows the user to download the concerned app. After creating an account and connecting with the current email client, users can start communicating with encryption enabled. Alternatively, users can install the Chrome extension in Google Chrome and integrate PreVeil with Gmail.

The main advantages of using PreVeil include a free tier, key recovery facility, encrypted file sharing facility, compatibility with major email service providers such as Gmail and Outlook, and very strong encryption.

PreVeil disadvantages include the requirement to go through the installation process manually on email providers that do not support PreVeil. Another disadvantage is that the recipient must also use PreVeil for effective encrypted communications.

An image featuring email encryption concept

PreVeil offers multiple subscription plans. The first is the Individual plan which costs $25 per month for 1 user with unlimited storage. Then there is the Business plan which costs $25 per user per month. The business plan is for 3 or more users with unlimited storage. Finally, there is the Government Cloud subscription plan which costs $30 per user per month. This plan is suited towards organizations with 5 plus users and comes with NIST, ITAR, and CMMC compliance.

PreVeil does have a free “Basic” version of the software. This subscription plan is for 1 user only and offers 2GB of storage along with the standard features such as end-to-end encryption and data restoration. PreVeil currently does not offer a free trial period and there is no mention of a money-back guarantee on the official website.


2. Tutanota Premium

Tutanota is one of the most secure and private email encryption services in the world that injects privacy into the service from the design stage and streamlines usage. The main function of Tutanota Premium is to encrypt users’ email communications but the service also encrypts information stored in calendars, contacts, and notepads.

An image featuring Tutanota website homepage
Security features of Tutanota Premium include multiple encryption options (including the same algorithms as used in PGP encryption), two-factor authentication, and support for rich text messages. The unique features of Tutanota Premium include the service’s open-source apps, lack of ads, and server presence in Germany, a country that has strict data privacy laws.

Paid features of Tutanota Premium include access to five aliases, multiple user accounts, custom domain, unlimited search, multiple calendars, support via email, rules for Inbox, various sharing facilities, and increased storage.

Tutanota Premium is easy to use with dedicated apps available on all platforms and a simple website available to users who want to get started with encrypted email communication straight away.

An image featuring email encryption concept

Tutanota Premium has good privacy tools such as the availability of the same algorithms PGP encryption and keeps user encryption keys private via an elaborate system. The servers are located in Germany where laws like the GDPR do exist.

In terms of reliability, Tutanota Premium is very good since there has never been a documented case of the service not fulfilling company promises. Tutanota Premium also uses open-source algorithms that security researchers can inspect at any time and point out problems in the implementation which make the service even more reliable in the long run.

To use Tutanota, users first have to go to the official website of Tutanota. Sign up for a suitable package, set up an account with a new username, and store the recovery code somewhere safe. Then users should log in and start using Tutanota: the user interface is pretty similar to any mainstream email service provider with folders such as Drafts, Inbox, Sent and Spam available.

Tutanota’s main advantages include an encrypted calendar, multiple language support, filter facilities, a zero-logs policy, and economical packages. Disadvantages of Tutanota include a lack of support for PGP (Tutanota uses PKI) and extra charges for more space.

An image featuring email encryption service concept

The price of a Tutanota subscription is around $1 on the yearly package ($1.13 exactly; the prices mentioned on the official website are in euros) for which users get to use the Premium service. The same package costs $1.36 on a monthly basis. Tutanota also offers a Teams subscription package which costs $5.43 per month when paid monthly and $4.52 per month when paid on a yearly basis.

Tutanota also has a Business class of plans. Under the Business class of subscription plans, the Premium package costs $2.26 on the yearly plan and $2.71 on the monthly plan. There is also a Teams package which costs $5.65 per month on the yearly plan and $6.78 per month on the monthly plan. Then there is the Pro package which costs $7.91 per month on the yearly plan and $9.50 per month on the monthly plan.

Tutanota Premium offers many extra features which may increase the final price the user has to pay for any given subscription plan.

At the time of writing, Tutanota Premium did not offer any sales or other discounts. Tutanota does, however, have a free version which supports only 1 user and 1GB of storage with restrictions of using only Tutanota domains and limited searching. Currently, Tutanota does not have a free trial period and offers no money-back guarantee.


3. Virtru Email Protection for Gmail

Virtru is an email encryption service that protects data not just for email communications but for a huge number of apps, SaaS solutions, file-sharing platforms, and cloud environments. The main function of Virtru Email Protection for Gmail is to encrypt email messages for greater security and privacy.

An image featuring Virtu website homepage
Virtru security features include non PGP encryption, lack of passwords, no public key import requirement, and a message expiration date, in addition to a data loss prevention feature and granular access control. Unique features of Virtru include a free Google Chrome extension that anyone can download, a facility to disable forwarding, watermarking options, and persistent protection.

Virtru email protection for Gmail is completely free and hence there are no paid features. Virtru Email Protection for Gmail is also very easy to use since users only need the extension to send/receive encrypted messages within Gmail.

An image featuring email encryption service concept

Virtru is fairly private as the service encrypts all Gmail messages and attachments. The service also complies with various data privacy laws such as NIST, CMMC, FERPA, CCPA, GDPR< HIPAA, and CJIS among others.

Virtru email protection is essentially a Chrome extension and leverages the infrastructure of both Google Chrome and Gmail. Hence Virtru is very reliable.

To use Virtru email protection users first have to go to the Chrome Web Store and download the Virtru email extension. Once installed, users have to go to Gmail and click on Compose and click the text saying ‘Virtru Protection OFF’ near the top of the Compose window just above the Recipients text field. Then simply add recipients, input text in the body and subject line, attach files, and then, finally, click on ‘Secure Send’.

An image featuring email encryption concept

The main advantages of Virtru are the fact the software is free, attachment protection, a disable message forwarding feature, and complete integration with Gmail. The main disadvantage of Virtru is that it only works with Gmail and the Chrome browser. This severely restricts Virtru’s usage environments. Virtru also handles the encryption keys process on its own which may worry some users.

Virtru charges $948 for 5 users per year when teams sign up for the Starter Data Protection Package. Virtru also offers a Business Data Protection package which costs $2988 per year for 25 years. And finally, the Enterprise Data Protection Package for which the user or the organization has to contact Virtru and request a demo for a final price.

At the time of writing, Virtru does not offer a sale or discounted prices. Virtru does, however, have a free version which is restricted to individuals who can only have one account and must be Gmail users. Almost all plans offer a free trial feature for business users. Virtru currently does not offer a money-back guarantee.


4. Private-Mail

Private Mail is a secure encrypted email service that makes using encrypted email services easy for users. The main function of Private-Mail is to encrypt email messages via PGP and share encrypted files seamlessly.

An image featuring Private Mail website homepage
Private-Mail security features include PGP encryption, two-factor authentication, and disposable email addresses. Unique features of Private-Mail include cloud storage, file sync features, support of rich text messages, self-destructing email messages, and customer support. Paid features of Private Mail include access to custom email signatures, custom logo, custom domain, faster customer support, AES 256-bit file encryption, 100 GB file storage, 100 GB email storage, 10 email accounts, 20 email aliases, and the ability to create/delete accounts.

Private-Mail is not considered easy to use as setting up encrypted message exchange does require the user to go through several steps that are not necessary with many competitors on this list. . Private-mail does, however, have dedicated apps for all major platforms including Android, iOS, Windows, and Mac so in that respect Private-Mail is easy to use.

An image featuring email encryption service concept

From a privacy standpoint, Private-Mail is better than a lot of the present competition. Private-Mail offers good encryption options, disposal email addresses, and other privacy-focused features. Private-Mail is also a reliable email encryption service since the security protocols the service employs are excellent. Moreover, Private-Mail gives users so many access options and hence leaves no room for the user to not have access to the service on any platform.

To use Private-Mail users can either access the official website and sign in via any mainstream web browser or download the official apps available for both iOS and Android. Upon sign-up, users will have to pick a name for the email account. Once the interface is opened via the web browser, the user will have to enter the Settings menu and then enable OpenPGP from there and create PGP key pairs.

An image featuring email encryption concept

The main advantages of using Private-Mail are cloud storage, calendar app support, and a zero-logs policy. Disadvantages of Private-Mail are that the service costs a bit more than some of the other options mentioned here and the user interface is not modern enough.

Private-Mail offers a Standard Plan which costs $8.95 per month. The second subscription plan is labeled as the PrivateMail Pro plan which costs $15.95 per month. At the time of writing, Private-mail does not have a sale on. Private-Mail does offer a free version which comes with 100 MB storage for email messages and 100 MB for file storage. Private-Mail has a 60-day free trial period for private email hosting services. Not only that, but Private Mail also offers a 7-day money-back guarantee on all packages.


5. SecureMyEmail

SecureMyEmail is an email encryption service that encrypts user email without any requirements of switching the existing email provider of the user. The main function of SecureMyEmail is to encrypt email communications so that users can send and receive email that is end-to-end encrypted to anyone.

An image featuring SecureMyEmail website homepage
Security features of SecureMyEmail include the availability of PGP encryption, zero-knowledge encryption, cryptographic email signatures, perfect forward secrecy, end-to-end encrypted emails from users who aren’t using SecureMyEmail, personal PGP keys, and more. Unique features of SecureMyEmail include the ability to work with all the major email service providers such as Gmail, Outlook, and Yahoo and a free trial period lasting 30 days. Paid features of SecureMyEmail include encryption protection for multiple accounts, support for more email service providers, and customer support for setting up SecureMyEmail properly.

SecureMyEmail is easy to use as the service offers dedicated apps for all major platforms, supports existing PGP keys and allows full integration for Google, Yahoo, and Microsoft email accounts. The user interface resembles any major email service provider and hence the service is easy to use.

An image featuring email encryption concept

SecureMyEmail offers a high level of privacy as the service encrypts all messages, hides email addresses, offers a Disposable Email Address (DEA) option, and complies with privacy-focused laws such as GDPR, HIPAA, and others. In terms of reliability, SecureMyEmail is fairly reliable as the company offers business solutions as well which essentially require high-reliability solutions. SecureMyEmail has dedicated apps for platforms which further increases the service’s reliability.

To use SecureMyEmail users first have to go to the official website, download the official app for the concerned platform, create an account, choose a passphrase, upload an encrypted copy of the passphrase for backup, fill out the profile and provide an email address to be connected. Then launch the SecureMyEmail app, input login details and the passphrase, sync accounts and start sending/receiving emails like normal.

SecureMyEmail advantages include ease of use, extra security features, message expiry, a free tier, and the ability to work with existing email addresses. Disadvantages of SecureMyEmail include lack of speed, some features not being fully implemented, limitations on the message expiry feature, and the lack of two-factor authentication.

An image featuring email encryption concept

SecureMyEmail has two plans. The monthly plan costs $3.99 per month and the yearly plan costs $29.99 per year. There is also a lifetime subscription plan which costs $99.99 upfront. SecureMyEmail also offers custom plans for enterprises and organizations for which the company can be reached via the official website.

SecureMyEmail does have a free plan which does not require any payment information but does come with some restrictions. SecureMyEmail also offers a free trial of the service’s paid plans which lasts 30 days. Finally, SecureMyEmail has made no mention of any money-back guarantee on the official website but with the free version and 30-day trial available, there is much less need for one.


6. StartMail

StartMail is an email encryption service that protects user data, online activity, and privacy with help from advanced security features and encryption technologies. The main functions of StartMail include encrypting email messages and enabling users to send those encrypted messages to anyone with an email address.

An image featuring StartMail website homepage
StartMail security features include PGP encryption, two-factor authentication, non-PGP encryption options, disposable email addresses (DEAs), and aliases. The unique features of StartMail include unlimited aliases, the fact that the service is based in the Netherlands, lack of ads and tracking, and the ability to send encrypted messages to anyone. Paid features of StartMail are a personal StartMail email address, ability to import contacts, unlimited aliases, 10GB email storage, customer support, Inbox rules, and malicious link protection.

StartMail is average in terms of ease of use since the service does not have any dedicated mobile apps. The website is fully responsive and the interface mimics the major email service providers which means users don’t have to learn much to get going.

An image featuring email encryption concept

From a privacy standpoint, StartMail is better than average email encryption services since the service is based in the Netherlands that has strict data privacy laws. The service complies with GDPR as well. The company does not store or collect user information and does not show ads.

StartMail is highly reliable since the company has a great reputation with the privacy-focused search engine StartPage. However, the lack of apps means users will have to access a web browser to access StartMail or use a compatible third-party email program which can introduce reliability issues.

To use StartMail users have to go to the official website, sign up for a package (or a trial period), and input the details to set the service up and then start sending encrypted emails.

An image featuring email encryption process concept

The main advantages of StartMail include multiple aliases, economical packages, and a solid reputation for privacy. Disadvantages of StartMail include a lack of monthly packages, the need to provide payment details for the trial period, and a lack of mobile apps.

StartMail subscription plans start at $59.95 per year and there are two subscription plans on offer. The first plan is the Personal package which costs $5 per month. The second subscription package is labeled Custom Domain (as the plan allows users to use a custom domain for the StartMail email address) and costs $5.85 per month.

At the time of writing, StartMail is offering a 50 percent discount on both of the above-mentioned subscription packages. The Personal plan is down to $2.50 per month and the Custom Domain plan is down to just $2.95 per month. StartMail currently does not have a free version available. However, all StartMail packages come with a 7-day free trial. StartMail does not have an official money-back guarantee policy.


7. Zoho Mail

Zoho Mail is an email encryption service that is primarily built for businesses and offers private-encrypted and secure email communications without ads. The main function of Zoho Mail is to provide users with tools to communicate via email securely with help from encryption tools. Zoho Mail’s secondary function is to make collaboration easier with other Zoho products.

An image featuring Zoho Mail website homepage
The security features of Zoho Mail include secure data centers with good surveillance and security protocols, high uptime, encrypted email both at rest and end-to-end. There is also a S/MIME encryption option available. Apart from that, paid tiers include anti-phishing and malware features as well. Unique features of Zoho Mail include a control panel via which the admin can configure, customize and tinker with the available settings, group aliases, email content policies, and CRM integration. Paid features of Zoho Mail are an increase in the number of users, archiving facilities, and eDiscovery for auditing purposes. There are also restoration tools and backup options available for paying customers. Higher tiers introduce file managers, office tools, chat clients, training programs, and an increased storage limit.

Zoho Mail is fairly easy to use though the user interface is not as straightforward as some of the other options on this list. Mobile apps are available for all major platforms and there is great customer support available for easy configuration.

An image featuring email encryption service concept

In terms of privacy, Zoho Mail is excellent since the service supports HIPAA and complies with SOC2. Zoho has also set up servers in a way that keeps data belonging to different customers separate from each other. In addition to that, the data gets protection via encryption not just while at rest but also in transmission. Zoho Mail is highly reliable with over 99.9 percent server uptime and a good reputation in the industry for delivering high-performance email security products.

To use Zoho Mail users first have to sign up via the official website, download the relevant app, set up a domain if that is required, go to the Control Panel via My Account, and access Zoho Mail features.

The main advantages of Zoho Mail include a modern user interface, POP/IMAP support, custom domains, notes, calendar, and a free tier which is pretty comprehensive. Disadvantages of Zoho Mail include limited app integrations and a lack of live chat.

An image featuring email encryption concept

Zoho Mail offers three subscription packages. The first package is the Mail Lite package which costs $1 per month per user. The second package is the Mail Premium package which costs $4 per month and per user. Zoho Mail’s third package is the Workplace package which costs $3 per month per user. Zoho encourages users to opt for its reduced monthly price scheme. The Zoho Mail Premium package comes with a 15-day free trial. Zoho Mail also has a free version where the service allows up to five users with 5GB of storage limit per month and 25 MB attachment limit.

Zoho does have a money-back guarantee which lasts 30 days after the date of purchase for monthly packages and 45 days for annual subscriptions. Moreover, when a given user auto-renews and the time comes for renewal, the user has five business days to cancel the renewal and get downgraded to the free plan.


8. ProtonMail

ProtonMail is one of the premier email encryption services that aims to provide security to users at a reasonable cost. The main function of ProtonMail is to provide users with an email service where all communication including messages and attachments are encrypted at rest.

An image featuring ProtonMail website homepage
ProtonMail security features include end-to-end encryption with ProtonMail users, message expiration, encrypted file storage, secure calendar, two-factor authentication, two-password mode, and PGP encryption options. Unique features of ProtonMail include the fact that the service is based in Switzerland with strict data privacy laws, zero-access encryption, its open-source nature, software-less options, and physically and secured data centers. Paid features of ProtonMail are increased storage, increased number of messages per day, dedicated folders and labels for different types of email messages, filters, auto-reply features, IMAP/SMTP support, multiple ProtonMail addresses, custom email address integration, Proton Calendar, and ProtonDrive.

ProtonMail is fairly easy to use since the service has dedicated apps for all platforms including Android and iOS and also has a web interface. The user interface resembles any mainstream email service provider which further makes things simpler.

An image featuring email encryption concept

In terms of privacy, ProtonMail is pretty much the best amongst encrypted email services as the company has always focused on privacy first and features later. ProtonMail complies with all Swiss privacy laws, offers an anonymous email gateway option, implements strong encryption, and is open source. All of these features enhance privacy. ProtonMail is a highly reliable service with years of experience serving millions of users and offering a world-class private email service for free and via a subscription.

To use ProtonMail users first have to go to the official website, click on the sign-up button, input the required details (including an email address or phone number), and download the required app. The dashboard is modern enough to allow users to spot the Compose button quickly and start communicating via encrypted email messages.

The main advantages of using ProtonMail are access to a modern and secure user interface and a great reputation (as far as privacy and security are concerned). The disadvantages of ProtonMail are restrictions on the number of messages that can be sent per day and the lack of end-to-end encryption for subject lines.

An image featuring email encryption concept

ProtonMail has three subscription-based packages. The first package is called the Plus plan which is for 1 user and costs $5 per month and/or $48 a year. Then there is the Professional plan which is for 1-5000 users and costs $8 per month per user and/or $75 per user per year. Finally, ProtonMail’s most expensive subscription plan is the Visionary plan which is priced at $30 per month or $288 per year for six users. Apart from the above-mentioned plans, ProtonMail allows users to have custom plans where users can change the amount of storage available and the number of users supported per plan. Additionally, ProtonMail also offers business plans for small and large businesses.

At the time of writing, ProtonMail did not have a sale on any of the service’s subscription packages. ProtonMail does have a free version though that offers almost all the features that paid plans do but comes with certain restrictions. ProtonMail does not offer a free trial period and does not have a stated money-back guarantee period. However, if users experience problems, ProtonMail customer support is always there to help and in some cases may offer a refund.


9. Hushmail

Hushmail, as the name suggests, is an email encryption service that secures messages and ensures email conversations remain confidential and safe. The primary function of Hushmail is to protect client communications by encrypting messages, web forms, and e-signatures.

An image featuring Hushmail website homepage
Security features of Hushmail include OpenPGP encryption, two-factor authentication, secure forms, and form sharing. Unique features of Hushmail include a zero-knowledge service, a particular focus on healthcare professionals, and secure web hosting. Paid features of Hushmail are access to multiple encrypted accounts, multiple secure web forms, electronic signatures, a private message center, a money-back guarantee, and HIPAA compliance.

Hushmail is easy to use as all that users have to do is sign up on the official website and provide an email. The user interface is clean enough but lacks some modern features such as a multi-panel message pane, and a drag/drog message function.

An image featuring email encryption concept

In terms of privacy, Hushmail is an average email encryption service as the service is located in Canada and is a subsidiary of a US firm. Hushmail also requires users to agree to some processing of data. Apart from that, Hushmail informs the user of potential collaboration with law enforcement agencies in certain situations and does not have a transparency report. Hushmail is reasonably reliable as it is designed for healthcare professionals and is HIPAA compliant. Hushmail is lacking in terms of privacy though as the service operates outside Canada and encrypts messages on company servers rather than the user’s machine.

To use Hushmail, users only have to go to the official website and provide an email address and/or phone number to sign up. Once completed, the main interface provides two prominent buttons labeled ‘Check Mail’ and ‘Compose’, both of which users can instantly start using to send/receive encrypted email.

An image featuring email encryption service concept

The main advantages of Hushmail include features for private (encrypted) message exchange even with non-Hushmail recipients and HIPAA compliance. Disadvantages of Hushmail are the lack of dedicated apps for platforms like Android, collection of personal data, and the requirement to provide personal data to sign up.

Hushmail has numerous subscription packages for different types of users. The primary target audience is healthcare. Hushmail for Healthcare professionals comes with a Starter subscription package which costs $9.99 per month ($109 annually), a Recommended package that costs $19.99 per month ($219 annually), and a Custom package that costs $39.99 per month ($439 for those who pay annually). The annual subscription packages offer 1-month free Hushmail.

Hushmail for small businesses offers a Small Business package that costs $5.99 per user per month. Additionally, Hushmail has the Small Business Plus package which bumps the price up to $7.99 per user per month with some enhancements.

An image featuring email encryption service concept

Another class of packages are Hushmail for Law. The only package available in this class is the Hushmail for Law package which costs $9.99 per month per user and is focused on professionals working as a lawyer.

Hushmail for personal use offers the Hushmail Premium package which costs $49.98 annually. Hushmail also offers custom solutions for bigger companies and organizations. Users have to contact Hushamil via the official website to get a quote on a custom package.

At the time of writing, there were no discounts or packages on sale available on the official website of Hushmail and there was no free version of the software available. However, Hushmail does have a free trial option that lasts anywhere from 7 to 14 days. All Hushmail subscription packages come with a 60-day money-back guarantee.


10. CounterMail

CounterMail is an email encryption service that aims to secure email communications and make the process easier for online users by focusing on privacy and security without many setup requirements. The main function of CounterMail is to encrypt email communications and anonymize user accounts anywhere in the world while making sure the experience remains as simple as using Gmail or Hotmail.

An image featuring CounterMail website homepage
Security features of CounterMail include OpenPGP encryption, 4096-bit encryption keys, MIME/PGP support, secure forms, email aliases, custom domains, good TLS/SSL implementation, SSL encryption, server-side disk encryption, session encryption, and two-factor authentication. Unique features of CounterMail include diskless web servers, MiTM protection, end-to-end security, anonymous email headers, IMAP servers, dynamic aliases, and portable email.
An image featuring email encryption concept

Paid features of CounterMail include an XMPP chat server, auto-responder, message filter, email notification, secure forms, a USB key option, and a custom domain name. Other paid features include increased storage space and custom domain including USB credits. Apart from that, full disk encryption, PGP-encrypted unencrypted email, SSL-MiTM protection, and a password manager.

CounterMail is reasonably easy to use as users only have to go to the official website, sign up and use the webmail interface with a pre-generated PGP key. CounterMail also makes importing contacts easy with two or three clicks and does not require the user to have the key for recipients using Countermail or Hushmail users as the service can fetch those keys automatically. The user interface is considered unattractive by some users though.

As far as privacy is concerned, CounterMail is reasonably private. But the service is based in Sweden, which has many data retention laws. Sweden is also a member of the 14-Eyes agreement which states that law enforcement agencies can extract data from any service. Countermail does, however, use end-to-end encryption which is great for privacy and doesn’t store user encryption keys.

An image featuring email encryption concept

CounterMail is reliable as the company takes several steps to make sure user data remains out of the reach of even CounterMail staff. The official website does not use any cookies which is also a positive sign of reliability. To use CounterMail users have to go to the official website, sign up for a package, use the web interface, or a free mobile client to set up CounterMail.

Advantages of CounterMail include cryptocurrency payments, SSL AES-CBC and RSA encryption, and secure servers. Disadvantages of CounterMail include expensive packages, old UI, average website design, and lack of dedicated mobile apps.

CounterMail offers three different subscription packages. The 6-month package costs $29 (which comes down to $4.83 per month) while the 12-month package costs $49 (or $4 per month). The third package is called the 12×2 package which costs $79 (or $3.29 per month).

An image featuring email encryption service concept

At the time of writing, CounterMail had no discount options and/or sale campaigns. CounterMail does offer more plans for users who want extra space. The price for each upgrade can be anywhere from $19 to $89. Users who want to take advantage of the Domain option have to pay $15 as a one-time setup fee.

Currently, CounterMail does not offer a free version. The service does have a free trial though which expires after 10 days of sign-up and grants access to everything on the premium account. Another requirement to use the free trial feature is that the user must know another user who is using Hushmail and get an invite code from the other Hushmail user.

CounterMail does not have a traditional money-back guarantee but the service does allow users to ask for a full refund within 14 days of paying for a given CounterMail product. However, users who have sent an email via a CounterMail account cannot claim a refund for that account.


11. Runbox

Runbox is another email encryption service provider that claims to connect users via secure and encrypted email communication. The main functions of Runbox include encrypting email messages, implementing strong authentication procedures, and keeping operations environmentally friendly.

An image featuring Runbox website homepage
Unique features of Runbox include hydroelectric powered servers, powerful service management features, strong Norway privacy regulations, and easy transfer from an email service to Runbox. Paid features of Runbox include increased email storage, multiple email aliases, custom email domains, webmail, Contacts, Files, and customer support.

Runbox is average in terms of usability as the UI is not modern. However, Runbox is still very functional and follows the tried-and-tested interface of a two-column view.

An image featuring email encryption concept

In terms of privacy, Runbox is slightly below average since the service does not offer end-to-end encryption and doesn’t encrypt the entire inbox. Even using PGP requires the user to set things up manually. The service does comply with strong privacy laws in Norway though. Runbox is not as reliable as some of the other options mentioned here as the service does not have dedicated apps which decreases opportunities for access. There are no desktop apps either. Runbox is not open source and the system does not encrypt data within it while at rest.

To use Runbox users have to sign up for a package via the official website, provide an email address and sign in via the web interface. From the interface, clicking the Compose button should allow users to send messages with TLS/SSL encryption.

Advantages of Runbox include multiple payment methods, custom domains, email aliases, GDPR compliance, synchronization abilities, IMAP/POP/SMTP support, environmentally-friendly policies, and hidden IP addresses. Disadvantages of Runbox are a lack of mobile apps, lack of desktop apps, lack of strong encryption, lack of bonus features, and the fact that the service is closed source.

Runbox offers several different subscription plans based on the needs of the user and the upgrades required. But the four standard subscription packages are Micro (which costs $19.95 per year), Mini ($34.95), Medium ($49.95), and Max ($79.95). Each account offers access to the same features. The real difference is the amount of email storage space and file storage space along with email hosting domains that a user has access to.

An image featuring email encryption service concept

Apart from the above primary accounts, Runbox also offers sub-accounts of the major accounts mentioned above. The sub-accounts also have four subscription packages labeled Micro (which costs $7.95 annually), Mini ($14.95), Medium ($24.95), and Max ($39.95).

Runbox also offers email and web hosting upgrades which can further increase the price the user has to pay on a yearly basis. Runbox does not offer monthly packages.

Runbox does not offer a free version of the company’s main email encryption service. However, Runbox does offer a 30-day free trial with every subscription package. Users are free to not use the free trial option and pay for a subscription upfront in which case Runbox will add the 1 month in the annual subscription period.

As far as a money-back guarantee is concerned, Runbox offers a whopping 60-day refund policy which allows users to experience the service and then make a final decision.


12. Barracuda Email Encryption Service

Barracuda Email Security is an email encryption platform/gateway that promotes a secure and private email messaging experience via strong encryption implementation and compliance with tough privacy requirements. The main function of Barracuda Email Security is to encrypt user data both at rest and in motion and comply with various data privacy laws to ensure not only security but also privacy.

An image featuring Barracuda Email website homepage
Security features of Barracuda email service include access control permission, anti-spam, anti-virus, archiving and retention abilities, email monitoring, email filtering, attachment protection, fraud detection, policy management, encryption, and quarantine. Unique features of the Barracuda email service include intelligence reporting, email integration support, auditing, allow and block lists, outbound email monitoring, and Data Loss Prevention features. Paid features include malware protection, phishing protection, multiple scanning options, and regular updates.

Barracuda Email service is not easy to use as users have to fill out a form to get a free evaluation unit which takes an unspecified amount of time. The service also does not have dedicated apps and very few integrations. The main web interface is cumbersome and not streamlined.

An image featuring email encryption concept

In terms of privacy, the Barracuda email service is top-notch since the service complies with PII, GDPR, HIPAA, and PCI among other privacy laws. Barracuda makes use of strong encryption to protect email and related attachments. Barracuda email encryption service is also very reliable since the company behind the service is trustworthy and has decades’ worth of experience in providing business-class email security solutions. There are no dedicated apps though which may lower the reliability score.

To use Barracuda, go to the official website, fill up the request form, purchase a license, log in via the Barracuda Email Security Gateway and then configure encryption policies. To activate encrypted mail archiving users will have to go to the Administration page and go through the entire process either alone or via customer support.

Advantages of Barracuda include a trustworthy brand, corporate-level encryption services, lots of customization options, and expert customer support. Disadvantages of the Barracuda email service include a cumbersome sign-up and configuration process, excessive configuration options, and a lack of standard subscription plans.

An image featuring email encryption concept

To obtain pricing information, users can go to the official website of Barracuda and schedule a demo or use the live chat feature to obtain a quote. As previously mentioned, Barracuda email encryption service offers some very advanced features and more often than not, the type of client coming to Barracuda will have very specific needs.

Generally speaking though, clients should expect to pay a minimum of $2.63 per month per user and based on the additional security features required, the price will definitely go up.

At the time of writing Barracuda email encryption service did not offer any discounts or had any sale on available packages (part of the reason may be that Barracuda doesn’t mention subscription package prices up front and instead asks the interested party to get a quote).

Barracuda email encryption service does have a free version and may even have a free trial depending on the type of client and how the negotiations go with Barracuda staff. Currently, Barracuda does not have an officially set money-back guarantee policy.


What are the Types of Email Encryption?

An image featuring email encryption types concept

The types of email encryption include PGP/MIME and S/MIME, among many others. PGP email encryption is short for Pretty Good Privacy email encryption and was developed by Phil Zimmerman in 1991. Now PGP is used in the vast majority of good email encryption services. PGP involves encrypting data with a random key and then the same random key getting encrypted with the receiver’s public key. Upon receiving the encrypted message, the receiver may use the private key to unlock the encrypted message and the random key. PGP works on a decentralized model. The main difference between PGP and S/MIME is that S/MIME works on a centralized model in which the user must obtain the encryption key from a specific certification authority (CA).

Another type of encryption is the GNU Privacy Guard which makes use of a symmetric key and public key. In this type of encryption, asymmetric key pairs are generated first and the sender and receiver of the message receive the pair for encryption and decryption. Another type of email encryption is Bitmessage, which is more suited to individual users and relies on peer-to-peer authentication. STARTTLS is another encryption type that provides encryption for messages while in transit. While safe, STARTTLS opens doors to MiTM attacks. Another email encryption type is MTA-STS or DANE which is pretty similar to PGP/S-MIME and STARTTLS. In fact, DANE (and MTA-STS) overcomes some of the shortcomings of STARTTLS. DANE forces the recipient and the sender to use TLS and blocks attempts at stripping away TLS. MTA-STS makes use of CA and TOFU, while DANE uses DNSSEC.

How do Email Services Encrypt your Mails?

An image featuring email encryption process concept

Encryption is the name of the process that services use to convert legible data into gibberish using a secret format. According to the encryption definition, only the receiver having access to the secret format may turn the gibberish data back into its original state. More specifically, plain text is first converted into ciphertext and then sent as scrambled data. The receiver must use a password or a key to convert the ciphertext into plain text and read the message. Encryption is very important in modern communications to protect sensitive data and conversations from hackers and other snoopers.

Note:

Most email services use TLS for email encryption. The user’s web browser contact’s the email service provider’s servers in order to secure and establish a connection. Then the email service encrypts the user’s message, passes the message through the servers, and then to the final destination.

On a more granular level, most email services use PKI to encrypt and decrypt messages. In the PKI arrangement, the sender and receiver get a public and private key. A key server stores the public key with the related user information. Once uploaded to a given email service’s servers, the email service uses the public key to encrypt the email. The sender has to provide the receiver’s public key to encrypt a given message. Then a given email service uses the private key of the receiver to decrypt the message.

Isn’t My Email Already Encrypted?

An image featuring email encryption concept

Yes, but only for mainstream email service providers like Gmail. Even Gmail only uses TLS for email security which only provides encryption in transit. Gmail also provides paying customers S/MIME. The gap remains the same though. Even though email is encrypted when in transit, once the email message reaches the inbox of the receiver, there is no encryption to protect the message.

To check if a given outgoing email message is encrypted when composing a message via an email service like Gmail, take a look at the recipient’s field. On the right-hand side of the recipient’s field, there should be a lock icon. The lock icon indicates the level of encryption. If the recipient of the message supports enhanced encryption, the message will be encrypted.

To check if the message received has encryption, the user should open a message (assuming the email service provider is Gmail), and then (on iOS or Android) click on the option that says ‘View Details’. After that, click on ‘View Security Details’. From there, the user should look for a colored lock icon. A green lock icon will indicate S/MIME encryption and a gray icon will indicate TLS encryption. A red lock icon will mean the message is unencrypted.

Which Email Services can be Encrypted?

Almost all major email services can be encrypted based on the subscription package of the user. The email services that can be encrypted are given below:

An image featuring Gmail opened on phone
  • Gmail (only for users with access to G Suite email encryption): Gmail users automatically get access to TLS encryption. That is why, generally speaking, Gmail is fairly secure. G Suite Enterprise users get access to S/MIME encryption as well. To enable S/MIME in Gmail, users first have to go to the Google Admin console and then click on Apps. After that users should click on G Suite and then on Gmail and then go to User Settings. From there, choose the organization or the domain for configuration and click the option that says Enable S/MIME for both receiving and sending emails. Then click the button that is labeled Save.
  • Outlook (via Office 365 Enterprise E3 license): Similar to Gmail, Outlook does make use of TLS encryption to protect all messages. As mentioned before, TLS is only good when the messages are in transit. To counter this problem, Microsoft implements a separate email encryption system for Office 265 Personal and Office 365 Home subscribers. This makes Outlook a secure email service.
    To start sending email messages that are encrypted via Outlook, users first need to go to the official website of Outlook and then sign in. After that, users should click the New Message button (based on the theme used, this button could be blue) which is located in the top-left section of the screen. There should be an encrypted option shown via the ribbon. Users need to click the Encrypt option (sometimes this option may be labeled as ‘Encrypt & Prevent Forwarding’). After that users should input the recipient’s address, the subject line, and any content that should go into the body of the email message and then click on the button labeled Send.
  • Yahoo Mail: After Gmail and Microsoft, Yahoo is probably the third-most used email service provider. And similar to both Microsoft and Gmail, all users get to use TLS encryption on all email messages. To enhance encryption and take advantage of all the benefits that come with end-to-end encryption, users need a third-party plug-in to use with Yahoo Mail. The plug-in needed is Mailvelope. Once installed on Chrome or Firefox, Yahoo mail users need to configure Mailvelope correctly. After that, users need to go to compose a new message in Yahoo Mail. If Mailvelope is installed correctly, the plug-in will show a Mailvelope symbol in the top-right area of the screen. Users need to click the option that says Encrypt after filling out the details of the message (recipient’s address, content of the body, and subject line) and then click ‘Send’.

Do I Have to Pay for Email Encryption?

An image featuring email encryption concept

No, online users do not have to pay for email encryption. Of course, users can pay for email encryption if more advanced security features are needed and there is a desire to support email service providers offering complete encryption for email communications. Some of the most well-known free email encryption services include Virtru and PreVeil, both of which offer top-of-the-line encryption for free. Similarly, SecureMyEmail becomes free if users restrict usage to a single Microsoft/Yahoo/Gmail account. There is even a 30-day free trial period.

Perhaps the two best and most user-friendly free email encryption services are Tutanota and ProtonMail in the sense that users can get set up in a matter of minutes. Both are excellent services but come with a few limitations. While Tutanota does not have an official limit on the number of messages the user can send, the company does block users from sending messages if the user activity matches certain patterns. Tutanota Premium increases the number of messages the user can send before the service steps in and stops the user for a limited time from sending more.

There is also ProtonMail which is completely free and very secure. ProtonMail has similar restrictions to Tutanota but does offer a cleaner and more convenient user interface.

Lots of other email encryption services mentioned in the list mentioned above do not have any kind of limitations but users do have to pay for the privilege.

What could Happen if a Hacker Took over My Email?

An image featuring hacked email account concept

Lots of different forms of harm can take place if hackers take over email accounts. If a hacker took control of an email account, according to the hacking definition, the user would be at risk of information loss or malware installation. For example, if a hacker takes over a given user’s email account, the hacker is free to send as many emails to contacts and non-contacts as desired for as long as desired from the user’s hacked account. This is a big enough problem in itself but hackers can go one step further and try to scam the user’s contacts for money and information. Not just that, hackers can infect email messages with malware and then send such messages to hundreds of other users.

Hackers can compromise the online identities of people whose accounts have been compromised. Hackers can also hack the compromised account’s employer, potentially landing the user in further trouble. Potentially, a single hacked account can run the professional life of the victim within days.

Apart from that, cybercriminals can use compromised email accounts to blast out phishing emails to even more users and steal the personal information of every user that falls for the phishing email scam and inputs sensitive information into a legitimate-looking fake website.

An image featuring hacked email account concept

Many online users use email addresses not just for receiving emails, but also to sign up for hundreds of other services and, in some cases, for identification services. So a compromised account can lead the hacker involved to access not just the user’s email messages and contacts but also social media profiles, Google Drive content, and any other account that the user has linked the email address to.

If the email account that gets compromised is a primary one, hackers can use the account to send ‘forgot password’ requests to many other accounts and change the password of those accounts as well. So one primary email address account can lead to lots of other accounts being hacked as well.

Perhaps the most obvious danger of a hacker taking over an email account is access to personal information. Hackers can use any piece of information to, for example, compromise the victim’s Facebook account and get information about the victim’s family, friends, co-workers, and colleagues. Every small detail of the victim’s life is at risk when hackers take over an email account.

There is nothing stopping hackers from also stealing financial information. Stolen financial information can lead to monetary losses for the victim in question. Hackers often use the compromised email address to find the victim’s debit card information and then use that to contact the concerned bank to either withdraw money or change financial details. Hackers may also know all the transactions the victim has made in a given year. With enough financial information in hand, hackers can open new bank accounts in the victim’s name and apply for loans wherever possible, which in the long term can hurt the victim’s credit score.

An image featuring hacked email account concept

Finally, hackers can use the information found within the hacked email address to blackmail the victim and spy on the victim by never disclosing to anyone that the email account has been hijacked and hence spying on any new incoming email messages. Such information can also be used for extortion.

With the information contained in the email account itself and the secondary information available with all the connected services, hackers can get all the personally identifiable information that is needed to impersonate the victim and carry out even more harmful activities.

How do I Know that Someone Read my Private Emails?

An image featuring reading private email concept

There are services available that let the user know if someone has read the email sent to the recipient. Knowing if the recipient has read the sent message has to be understood in the context that the sender may want to know if there is a need for a follow-up email message. Or the sender may like to know if the message reached the inbox of the receiver. Sometimes, knowing if someone has read a sent private email can help the sender improve future email messages by working on the subject line and the actual contents of the email message. Of course, there are privacy issues to deal with as well (some recipients may not want to give up the information regarding whether or not the received email message was opened or not).

Note:

The two main methods of knowing that someone has read a given private email message is to first enable the feature ‘read receipts’ which is available in most email services today. And the second method is to use a third-party email tracking plug-in.

Requesting a read receipt is by far the easiest way to know if a sent message has been received in the inbox and has been opened by the recipient. Some email service providers use the term return receipt instead of read receipt. Fortunately, both Gmail and Outlook offer the read receipt feature. In Gmail, free users cannot request a read receipt. A subscription to Google Workspace (or G Suite) is required. To enable the feature users have to go to the admin console and then to Apps and then to Google Workspace and from there enable Email Read Receipts in User Settings. Outlook offers a much simpler experience though and the feature is available to everyone.

There are many email tracking tools to see if someone has read a private email but MailTracker is considered a very good option.

Apart from requesting read receipts, delivery receipts, and email tracking tools, there are other methods as well. One such method involves the user inserting an image into an HTML email message to show if the email message was opened. The method of inserting images into email messages is considered more reliable than the previous methods just mentioned. The image inserted in the email address can be invisible. Moreover, the recipient does not need to know if the message contains an image to indicate whether or not the message has been opened and read.

Can Text Messages be Encrypted like Emails?

An image featuring encrypted text message concept

Yes, text messages can be encrypted like emails. There are many methods to encrypt text messages just like emails. The most convenient way to send encrypted text messages is to simply switch to a messaging service that uses end-to-end encryption by default. There are many messaging apps out there that encrypt text messages by default. One of the best encrypted messaging apps is WhatsApp. Signal and Telegram are also good options if other contacts are willing to switch as well.

If switching to a different messaging service is too cumbersome, users can also sign up for a third-party tool that can encrypt messages. Such services can be used to encrypt messages and then send the messages to the intended recipients. One of the apps that will encrypt text messages for the user is ‘Encrypt Messages and Text’. This app is for users who want to send messages via text or SMS rather than a messaging app via WiFi. Generally speaking, both the receiver and sender of the message need to have the app mentioned above. Then, the two parties also need to agree on a password to decrypt the encrypted SMS message. Using the app, users can encrypt the message to be sent. Upon receiving the ciphertext via SMS, the receiver can copy-paste the text message into the app and use the password to decrypt the ciphertext.

For iOS users, the process is even simpler since iOS offers the iMessage app which offers end-to-end encryption. The iMessage app can read the Apple ID and use that with iCloud to provide end-to-end encryption to users of the iMessage app. In fact, the iMessage app is unique in that the app encrypts both sent and received messages and attachments.

An image featuring Signal application opened on phone

Android users have to make use of third-party applications (as mentioned before), the most recommended app for such a situation is Signal. Signal is available for all platforms including iOS, Windows, Linux, macOS, and Android. Users can install the relevant app from the official website (in turn either via Google Play Store, the App Store, or the Windows Store) and send messages to other users making use of the same app. The Signal app can also encrypt files, videos, audio messages, and voice notes. Signal is one of the few apps on the Android platform that offers end-to-end encryption. Best of all, Signal is open source.

A lesser-known but equally competent encrypted messaging service is Threema. Threema is different from other messaging services because the app puts privacy and security over everything else. Threema is not free though. Users have to pay a one-time fee to use the app. The official Threema app does not collect any user data and is completely open-source. Not only that, the Threema app is GDPR compliant, does not show any ads, offers end-to-end encryption, and does not require a phone number to register and use.

Zohair A. Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Leave a Comment