|
|
|
|
|
|
by linuxalien
811 days ago
|
|
|
Unfortunately not. If there is a 0 day vulnerability, or you're running an older version of a browser for a known patched issue, you may find yourself with a remote code execution, or 0 click download. Or it could be another kind of exploit, maybe your email service is vulnerable to XSS attacks. Like operating systems, browsers can have security issues too. So trusting your browser to see if a phish is really a phish is just unnecessary risk. I've worked with clients that have ended up with crypto lockers from clicking the link. Even from the IT side, I'm not going to increase the risk by opening a known phishing link to check how good it looks. If I am, it's going to be in a system that doesn't have active logins to other systems/sites, and is in easily disposed and reset. Check out all the YouTubers getting channels hacked with session stealing. Yes, they are falling for phishing attacks, but you really don't know what the attack vector is going to be. It might just be a fake login, or it could be much more sophisticated. |
|
|