Reply to post: Re: The NSA isn't trying to exploit everything it can find

Biden to Putin: Get your ransomware gangs under control and don’t you dare cyber-attack our infrastructure

Michael Wojcik Silver badge

Re: The NSA isn't trying to exploit everything it can find

a real plaintext mail is completely bulletproof

That's simply not true. We have plenty of documented instances of successful spearphishing and BEC using plaintext email (or, at any rate, not using links or other HTML features as part of the exploit). We have plenty of instances of other email-based social engineering that doesn't require HTML, such as 419 scams.

I expect there are cases of conventional phishing working through plaintext email. There's no reason why you can't in principle convince some users to copy and paste a hostile URL.

Social engineering works over any human communications channel.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon