How to Encrypt Email Messages Where It Matters the Most

11 Mins Read

PureVPN UpdatesHow to Encrypt Email Messages Where It Matters the Most

Do you know 96% of phishing attacks arrive by email? 

As alarming as it sounds, most people have no clue on how to protect their email messages or ensure their confidential attachments don’t fall into the wrong hands.  

Why Do You Need Encryption

Everyone needs a padlock on their email because phishing is one the easiest and common cyberattacks that can cripple an organization by stealing it’s private data. An employee might click on a malicious link in an email that can suck your information. That’s scary!

The Biggest Email Phishing Attacks in the Past

Phishing is real, and it’s happening everywhere. Let us share a few recent examples of phishing attacks to make you believe that we are not joking at all. 

Emotet Resurfaced

According to a survey, Emotet was behind thirty percent of all malware attacks around the world. That’s like one-third of all attacks! The people working for Emotet were once again hurting many organizations during the once-in-a-century pandemic as most employees were working remotely and were not hardwired with rock-solid security protocols.  

COVID-19 Relief Scam

Cyberattacks skyrocketed in 2020 and cybercriminals were finding every way to manipulate people and steal their private information, turns out most internet users are gullible. One of the biggest scams was the COVID-19 relief scam where threat actors were sending out emails by disguising themselves as government agencies and trying to steal user’s private information. 

Solarwinds Under Attack

Probably the biggest attack last year was on Solarwinds, an IT Management software company that works with high-level government agencies. Many reports are saying that it is a state-sponsored attack because Solarwinds work closely with the United States government and there is no way to launch a cyberattack without getting help from the government, be it Russia or China. We are not pointing fingers here. 

Microsoft 365 Leak

According to a survey, Microsoft 365 experienced the most number of leaks and credential stuffing. After the attack on Solarwinds, many reports were linking it to Microsoft 365 because cybercriminals penetrated Solarwinds systems via Microsoft 365 during a security update. 

The list doesn’t end here and organizations will continue to face phishing attacks if the employees don’t follow security protocols. Some of the benefits of sending encrypted emails include: 

  • Secure communications between remotely-working employees
  • Protect your business information from competitors and nasty hackers 
  • Avoid data leaks especially when you are working for government agencies
  • Keep your identity safe from threat actors 
  • Prevent snoopers from accessing data backups

How Email Encryption Works

Encryption is a simple process that hides your incoming traffic or messages. It’s as simple as that. The person with the encryption key can view the messages and no one else can see them. This is how email encryption works too in simpler words. 

To further dig down to the details and understand more about email encryption, you need to know about public-key cryptography. If someone is sending you an anonymous email then you can only access it using digital codes, also known as encryption keys. A numbered-code, private key, can easily decrypt that hidden message and allow you to access the email. 

You must be thinking what is a public/private key? 

A public/private key, a set of digital codes, are saved on a server which anyone can access. The public key also tells your real name and email address. When someone is sending you an encrypted email, he or she will use that public key to ensure the message remains private and hidden. Only you can access the encrypted message by using a private key so the message remains encrypted. 

That’s how clear email messages are turned into scrambled and unreadable. The process is called public-key cryptography and most organizations use it. Further, public-key cryptography makes encryption more secure and it falls down on how smart the recipient is with their encryption code.


List of Different Protocols for Email Encryption

In this thread, you will learn a few different email encryption protocols that are commonly used. 

TLS Encryption Email

TLS, Transport Layer Security, is email encryption that protects the content of an email in transit whenever you are sending an email. The best part is if the person you are sending an email is also using TLS protocols then the email communication will be completely encrypted. 

TLS also protects your emails from Man-in-the-middle (MITM) attacks. Here’s how to use TLS Encryption:  

  1. Go to Google Chrome > Alt + F > Settings.
  2. Scroll down to choose Show Advanced Settings. 
  3. Now select Network > Change proxy settings > Advanced
  4. Go to the Security category.
  5. Check the boxes: Use TLS 1.1 or Use TLS 1.2. 

End-to-end Email Encryption

This type of encryption protects your email contents from MITM attacks and many other intrusions. Your email is encrypted from the moment you send it to someone and the recipient receives it. It can be a bit tricky to use end-to-end encryption if you haven’t used it before. You need to know about private and public keys to enable end-to-end encryption. 

To send an end-to-end encrypted message, you have to use a public key of the recipient (the person you are emailing). The public key is an encrypted code and includes the recipient’s email address and name as well. Once you have sent an encrypted message, the recipient will use his private key to decrypt that email content. 

Easy peasy! 

Follow the steps below to send end-to-end encrypted emails:

  1. Create a keypair from the database
  2. Access the recipient’s public key.
  3. Now create a new email. 
  4. Select the sign “Sign, Encrypt, and Email.”
  5. Submit your password and click Confirm.

PGP (Pretty Good Privacy)

You can also use PGP email encryption to send private emails to multiple recipients. There are a few downsides of using PGP to encrypt emails. First, you might struggle to access the public keys of your recipient. If you need a public key then you have to ask the recipient. 

PGP (Pretty Good Privacy)

Further, if the recipient lost his device then you have to go through the full gamut of sending public keys again to all other email recipients. This is how PGP email encryption works:

  1. The recipient will create a private key and public key. 
  2. He will send you his access key. 
  3. You will encrypt the email message using that public key and send it to the recipient. 
  4. The recipient will use a private key to decrypt that message. 

GNU Privacy Guard (GPG)

GNU Privacy Guard (GPG)

GNU Privacy Guard is solely used for encrypting emails using symmetric and asymmetric functionalities. However, GPG also uses the PGP protocol to help users encrypt their email. When it comes to asymmetric encryption, the sender will encrypt an email using a public key and the recipient will access the email via his private key. You can install GPG software and get started with this type of email encryption if it suits your needs. 

Secure/Multipurpose Internet Mail Extensions (S/MIME)

You can leverage digital certificates while using this type of encryption. However, the biggest disadvantage of S/MIME is that you can’t integrate this encryption with Gmail or any other web portals. You have to store private keys on a server, which is not a good privacy choice, in case the devices are stolen or lost.  

Now comes the good part! You can use S/MIME in your iOS or OSX device. You won’t struggle using S/MIME because it is super easy to maintain. Here’s how to enable S/MIME for your regular emails on your administrator accounts: 

  1. Log in to your account. 
  2. Now click on Apps > G Suite > Gmail > User settings
  3. Select your organization from the Organization tab.
  4. Turn on the S/MIME box. 
  5. Enable users to submit their own S/MIME certificates.
  6. You can also manage Root certificates if you wish to. 
  7. Select Save.

With the help of email encryption, you can transform private messages into scrambled data that is impossible to decipher, and only an encryption key can decode the encrypted text. Learn a few other ways to keep your email security air-tight. 

How to Encrypt Email Messages in Outlook via S/MIME Encryption

All you need to do is get a digital ID or certificate from your network administrator to start the encryption process via S/MIME encryption. Here’s how you should get started: 

  1. Go to File > Options > Trust Center > Trust Center Settings > Email Security
  2. Select Settings from the drop-down menu of Encrypted email. 
  3. On the Certificates and Algorithms option, select Choose > S/MIME encryption > OK

It’s simple and easy-to-follow. 

However, if you are an existing Microsoft 365 subscriber and have a S/MIME certificate installed on your device then you have to follow these steps:

  1. Open a new email message. 
  2. Select Options > Encrypt > Encrypt with S/MIME

How to Encrypt Email Messages in Outlook via Microsoft 365 Message Encryption

Here’s what Microsoft 365 subscribers can do to encrypt their email messages: 

  1. When creating a new email message, select Options > Encrypt.
  2. Choose Do Not Forward or Encrypt-Only (that’s up to you.) 

Are you using older versions of Microsoft Outlook, maybe 2016 or 2019? You can follow these steps:

  1. Choose Options in an email message.
  2. Select Permissions > Do Not Forward.  

How to Encrypt all Outgoing Email Messages

Encrypting all outgoing messages is fast and easy, but there is a catch. You have to ensure all recipients have digital ID (key) to decode your encrypted messages. Anyways, here’s how to do it: 

  1. Select Options from the File tab. 
  2. Choose Trust Center > Trust Center Settings
  3. Select Encrypt content and attachments for outgoing messages from the Email tab. 
  4. Choose a specific certificate from the additional settings option. 

How to Encrypt a Single Message

You can encrypt a single message on Microsoft if you want to save the hassle of adding or removing all email messages. This is how to do it: 

  1. Choose Message options from the top.
  2. Choose encrypt this message (S/MIME).

Further, if you have encrypted a single message but Microsoft Outlook doesn’t allow it for some reason, you will see a warning explaining some recipients didn’t receive an encrypted message. 

Encrypting Gmail Messages

Use confidential mode on Gmail to hide your private information and block unwanted access to your messages. The confidential mode can help you create an expiration date when sending messages or block authorized access at any point. 

How to Confidentially Send Private Messages and Email Attachments

You can encrypt messages using the below guide on your laptop, iOS, and Android devices. 

  1. On your Gmail, click Compose.
  1. Turn on Confidential Mode from the bottom. 
  1. Pick an expiration date or a password that can hide your outgoing messages and attachments.
  1. Choose Save and you are done. 

Also, remember: 

  • Your email recipients can open any attachment if you select No SMS passcode. For those recipients who are not using Gmail, they will receive a passcode via email.
  • Your email recipients will receive a passcode via text message if you select SMS passcode. 

How to Remove Early Access on Gmail

  1. Open Gmail > Sent.
  2. Select your confidential email.
  3. Choose Remove access. 

How to Encrypt Email on an iOS Device (iPhone or iPad)

The good news is you can use S/MIME encryption on any iOS device. Here’s how you can send encrypted messages to other iOS users: 

  1. Go to Settings > Accounts & Passwords
  2. Select your Account > Advanced
  3. Switch on S/MIME encryption
  4. Select Sign and turn on the option. 
  5. Go back to your Account > select Encrypt by default
  6. Visit Yahoo Mail and compose a message.
  7. Click on the lock icon to ensure you are sending an encrypted message. 

How to Encrypt Email on a Mac Device

You might need assistance from a certificate in your Keychain to send or receive encrypted emails. Here’s how: 

  1. Start Keychain Access: Go to Macintosh HD > Select Applications > Choose Utilities > Click Keychain Access.
  2. Select Certificate > Request a Certificate from a certificate authority
  3. Enter your personal information into the request form such as CA Email Address. 
  4. Pick an option to either save the information to Disk or choose email to the CA. 
  5. Select Continue > Saved to Disk > Open certificates via Certificate Assistant > Issuing CA
  6. Choose Continue > Create a certificate for yourself.
  7. Continue > Create > Again choose Continue > Done > Keychain.   

Besides Encryption, What Else Can I Do to Boost Security?

If you think encryption is a bit too much or the steps above are technical or time-consuming, here are a few cyberhygiene tips you can follow to secure emails:

  • Avoid clicking on unknown links or email attachments
  • Use multi-factor authentication no matter the account you are using
  • Update your email accounts 
  • Try screen locks on your computer and mobile devices
  • Create a strong password and change it every month
  • Don’t click on suspicious emails 

Security is not a Product Anymore but a Necessity

As you spend more time online, hackers and government agencies are trying to track your information and private data. All you can do is stay anonymous and browse the internet without any snooping. We hope now you can upgrade your email security and avoid becoming a victim of phishing attacks. 

More from PureVPN: 

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.