3 critical weak points of most encrypted email services

Encrypted email providers are finding more and more users because they offer a higher level of privacy and security than regular email providers like Gmail, Yahoo or AOL. In this article we will list 3 important weaknesses of encrypted email services for privacy and security lovers.

Number 1. Only part of your email is encrypted

In contrast to slogans on Encrypted Email Providers’ websites, there is a lot of data at rest that never gets encrypted. For instance, ProtonMail only encrypts the content of your email.

The subject, sender and recipient are never encrypted. For example, ProtonMail staff, a hacker or authorities, can see that you – john@protonmail.com, have been talking with janet.from.accounting@protonmail.com. They can see that the email subject was “Our meeting on Friday”. The only thing they cannot read is the email body. It is still better than Gmail which can scan your email contents to provide you with ads that fit you best.

Tutanota, another popular email provider, does a better job with data encryption. They not only encrypt the email body, but also the subject. However, sender and recipient information is left unencrypted. The only email service we found to encrypt all of these 3 elements is CyberFear.

Number 2. Relying on trust

Even with open-source projects like Tutanota you still rely on trusting their team. The recent news by Heise.de revealed that Tutanota had a monitoring software installed on their servers.


According to the source, that software has already been removed. For this reason we recommend you to use email providers hosted in privacy-respecting countries.

Number 3. Lack of anonymous payment methods

Knowing you’re a privacy enthusiast, you don’t want to swing around your credit card to spread your private information. Unfortunately, only a handful of secure email services accept privacy-friendly payment methods. Posteo accepts cash. CounterMail, Mailfence and CyberFear accept cryptocurrency. The two most popular providers (ProtonMail and Tutanota) have not implemented crypto payment options yet.

Related posts

How to Get into Cybersecurity: A Beginner’s Guide

WordPress PWA – how to protect your Progressive Web Apps

The Future of Automated Testing with DAQ