[MakeThemMoney]

Thank you!

- Browser 0-day vendor

[autoexec]

You aren't wrong. I've got a heavily locked down browser on an off-network device for working with questionable websites. While the vast majority of phishing sites aren't pushing malware spearphishing is another story.

[bee_rider]

IT still might not want you to follow the link.

* Other users might have, instead, an incompetently secured browser that they think is locked down on their work devices. It is hard for IT to distinguish between you and them.

* If the URL is personalized, it tells the attacker that the address is active. This is probably pretty limited help to the attacker. But it might tell them if your company emails follow a particular format, right?

[fkyoureadthedoc]

> * If the URL is personalized, it tells the attacker that the address is active. This is probably pretty limited help to the attacker. But it might tell them if your company emails follow a particular format, right?

I just asked chatgpt and it knows what email format the company I work for follows, so I'm not sure this is of particular value.

[autoexec]

It's useful, even if you aren't a scammer, but it's generally not hard info to get elsewhere.

[fkyoureadthedoc]

I feel truly sorry for whoever spends a browser 0-day giving RCE on me.

[planede]

It's good that I otherwise don't click on links in my browser during my day-to-day work. /s

[themoonisachees]

Good thing browser aren't able to display content of random unvetted third parties in exchange for money on any website you visit too :)

Adblock is a security measure at this point.