Internet Users Are Unaware of Email Privacy Issues, NordVPN's Survey Finds

NordVPN conducted a survey which showed that most of the surveyed Internet users trust big-name email providers despite multiple breaches, and are unaware of encrypted email services

​​NordVPN’s recent survey has shown that people mostly trust big-name email providers, such as Gmail, Outlook and Yahoo. It is believed that these are privacy-focused services, and most people are not able to tell which of the providers actually care about one’s privacy and security, such as ProtonMail.

Out of over 2,000 respondents, 36 percent said they thought Gmail was the most privacy-focused email provider, followed by Outlook (22%) and Yahoo (14%). The majority – 43 percent – did not know how to answer the question.

We at NordVPN try to remind people to put their online security into their own hands: to use strong passwords, encrypted email providers, and VPNs.

Marty P. Kamden, CMO

The same respondents were not able to identify email providers that are actually privacy-focused – such as Countermail (4.5%), ProtonMail (6.3%) and Tutanota (3.56%).

Gmail, Outlook and Yahoo are amongst the most popular email service providers, no matter that each one of them has experienced numerous hacks, data breaches or pose a general threat to one’s privacy.

Recently, the news came out about over a million of Gmail and Yahoo accounts being sold online for bitcoins. The account data included usernames, emails and passwords. 

One of the largest online incidents involves around 500 million Yahoo emails stolen in 2014. In the most recent attack, 32 million Yahoo emails were affected.

In 2016, over a million of Microsoft Office clients (which includes Outlook) were hit with a ransomware attack, and it took Microsoft more than 24 hours to respond and to start blocking the infected attachment.

Some of the data leaks happen to email providers that are not able to protect users’ data, such as Yahoo. Others, such as Gmail, haven’t experienced direct leaks (only when users’ credentials have been stolen from other platforms, such as MySpace), but Gmail is known to be as one of the most intrusive into users’ privacy with the requirements for personal information.

On the other hand, there are email service providers that offer encryption, privacy and security from data breaches – such as ProtonMail, Tutanota and Countermail. However, they are much less popular, and unknown by most survey respondents.

“The scale of the breaches regularly experienced by popular email providers raise concerns about how big companies protect their data,” says Marty P. Kamden, CMO of NordVPN (Virtual Private Network). “We at NordVPN try to remind people to put their online security into their own hands: to use strong passwords, encrypted email providers, and VPNs.”

Here’s what Internet users can do protect their online safety:

1. Switch to an encrypted email provider, such as ProtonMail. ProtonMail is a free encrypted email service provider, offering end-to-end encryption – meaning even the provider itself cannot decrypt and read subscribers’ emails. No personal information is required to create accounts, and the basic account service is offered free of charge. Other secure email providers include Tutanota and Countermail.

2. Use strong passwords and a password manager. Perhaps the most basic requirement for any online account setup is using strong passwords, and choosing different passwords for different accounts. Weak passwords make it simple for hackers to break into an account. A strong password has a minimum of 12 characters, and includes a strong mix of letters, numbers and characters. It’s not easy to remember strong passwords for each site, so it’s recommended to use a password manager, though some – such as LastPass – have also experienced security breaches. In any case, password managers are still recommended for safety and security – such as, LastPass and 1Password.

3. Turn on multi-factor authentication. Multi-factor authentication is a security system that will let a user access their online account after they log in with their username and password, and then require the second-step authentication: either through a fingerprint scan or by sending a code via text. Most sites, including email providers, already offer multi-factor authentication as an option.

4. Use a VPN. VPNs encrypt all traffic between a user’s computer and a VPN server, providing complete privacy and security in Internet browsing experience. The only information visible to any intruder or hacker is the connection to a VPN server and nothing else. All other information is private as it is encrypted by the VPN’s security protocol.

NordVPN is determined to secure users’ data with features like automatic kill switch and a strict no logs policy.

To find out more about NordVPN, please visit

Source: NordVPN