E-mail is inherently insecure. Just as sending a post card, any message sent by e-mail can be read by any number of people, including those monitoring the network path, the servers that process the message along its route, or anyone with access to the distant computer. Basically you should consider any information transmitted via e-mail as potentially ending up in the public. The only true way to protect your message is to use end-to-end encryption using OpenPGP or S/MIME certificates.
There are several articles available on the Internet but Riseup's *Encrypted Email* article really says it all. They also several other articles available on security in general.
ProtonMail, another fantastic resource, is an encrypted email service that makes it easy to protect your data and conversations. They still have a little ways to go with full integration of OpenPGP but they are definitely doing a fantastic job so far.