Hacker News new | ask | show | jobs
by simooooo 3091 days ago
Never would have occurred to me that this could be used to intercept password reset emails. Very scary.
1 comments
clon 3091 days ago
At least it leaves a trail..

Many services state in the password reset emails that "if this was not initiated by you, ignore it", but it really should be the exact opposite - click the link below to report it!

link
aaron_m04 3091 days ago
My guess is they don't do this because somebody decided it would confuse users to have more than one link.
link
koolba 3091 days ago
And it also goes against the standard advice of never clicking on anything in an email.
link