Sniffing outlook.com email

If an attacker on the internet wants to sniff/intercept the email of a person (ie. A@outlook.com), can he do so by just knowing the persons email address ?

Assume that 'A' is using outlook.com webmail as is. (without addition of any extra encryption like Mailvelope).

Also, the attacker is not part of the LAN that 'A' is on.

 

Just knowing the email address but not being connected to the same lan/wifi? I wouldn't think so. They'd have to be doing a sort of man-in-the-middle attack on you. https://en.wikipedia.org/wiki/Man-in-the-middle_attack
That'd mean also that they'd have to have access to something between wherever you send the email and wherever the outlook server is you're connecting to. So unless it's your ISP/Government you'd be more likely to be sent a keylogger by the average person trying to see what you're writing.

But the best way to be sure that no one is reading the email between your computer and who its meant for would be https://en.wikipedia.org/wiki/Pretty_Good_Privacy

 

Some large corporations (ie. large national banks) have alot of $$$$$$$ and dedicated IT security departments.

Although they may not have the budget of the Government, I would hazard a guess that any large corporation (ie national bank) has the money, resources,
and time to snoop around on its employees/persons of interest much better than the average person.

 

Then you also have to question how much you trust your email provider too. You gave the example of Outlook, well: http://www.engadget.com/2014/03/22/eff-warrants-for-windows-google/

 

Yes, trust in your email provider is very important. https://www.techdirt.com/articles/2...t-accounts-to-identify-windows-8-leaker.shtml
The connection from your computer to Outlook is encrypted, there may be ways to attack/bypass it if you do email on the network of a large corporation. However other ways can be a lot easier.
Most large corporations have their own email service or use a third party with mail hosted on their own servers. Even if employees use another sevice like Outlook, computers owned by the corporations often have RAT tools(commercial spyware) installed, so unless you use your own device and you can be sure there is nothing installed on it by the corporation you can be monitored as well.

 

The answer is NO, but there are two exceptions:
1. If the attacker is a government agency. In this case it can probably just ask outlook.com for data.
2. If the attacker is capable of hacking outlook.com and taking over the victim's account. While this is not impossible, I'd say it is pretty unlikely in a normal scenario.