Would you ever send a postcard with your credit card number on it? You’d put it in an envelope wouldn’t you? Then why do you let people and companies send your credit card number and similar secrets without the electronic version of an envelope?
E-mail as generally used is more like postcards than letters. Anybody can see what you are sending and receiving in e-mail if they know how. All they need is a tool like Wireshark or Microsoft Network Monitor. These tools are free and easy to use.
What can you do about it? You can use public key cryptography to add an envelope to your e-mail. In the e-mail world, that means using either a variant of PGP or a variant of S/MIME. Those bring to the e-mail world what SSL and TLS brings to the Web world. You don’t use a shopping site online without its electronic envelope, so why use e-mail without its envelope?