Posted by Megalith 12:35 PM (CDT)
Tuesday September 12, 2017
Researchers are saying that only plain-text email is safe and we should all revert to it: while webmail is convenient for advertisers (and lets you write good-looking emails with images and nice fonts), it carries with it unnecessary and serious danger, as a webpage (or email) can easily show one thing but do another. Returning email to its origins in plain text may seem radical, but it provides radically better security.
"Organizations should ensure that they have disabled HTML from being used in emails, as well as disabling links. Everything should be forced to plain text. This will reduce the likelihood of potentially dangerous scripts or links being sent in the body of the email, and also will reduce the likelihood of a user just clicking something without thinking about it. With plain text, the user would have to go through the process of either typing in the link or copying and pasting. This additional step will allow the user an extra opportunity for thought and analysis before clicking on the link."