This is a question that I have been dealing with a lot lately. It seems that some are turning to reading other people’s emails, without explicit authorization. Why? There can be many reasons for someone to be motivated to illicitly read another person’s email. A major reason that I have encountered as to why people are trying to read the email of others is to get information that they can use to initiate or support a lawsuit.
So, what can be done if you suspect someone is reading your email? My first advice is to trust your instinct and check into it. Often, I have discovered that people that have suspected that their is being read are actually correct! How can you check into this? There are two options worth mentioning:
#1 – Check your email access logs, such as the Outlook Web, Pop3 or IMAP logs. When checking these access logs, look at the IP addresses of access. If you see unusual IP addresses, this may be an indication that someone is accessing you email.
#2 – Have someone with the proper capability send you an email message with a “web-bug”. (The EFF has a very good explanation of the details of a web-bug here .) A web-bug is just a small picture that is embedded inside an email. The trick here is that whenever someone reads the email message, they also see the picture. This picture, when accessed, leaves the IP address of the email reader in the web-server log file.
(Others may be able to suggest more options.)
Using the two techniques above, I have been able to detect, sadly, multiple instances where someone’s email has been read by another.
What can you do to help prevent someone from reading your email? The simplest, most effective thing to do is this: change the password that you use to access your email regularly. It sounds simple, I know. But, in a majority of the cases that I have worked, a simple password change would have blocked unauthorized access to emails.
There are rarer cases where internal employees, such as system administrators, have gained access to the email. In order to prevent this, email messages need to be stored encrypted. Note that, tough effective, implementing a solution such as this is usually much more difficult.
So, if you suspect that your email is being read, I recommend that you contact someone that is both authorized and capable to check into the matter as soon as possible. The sooner you can check into a suspected incident, the more complete the log files supporting the investigation will be.