There may not be enough info in the subject line to tell if it is phishing so I think the point is moot. I guess the threat vector could be a zero day exploit for your email client in the body of the message but I don’t see how you’ll be able to detect a problem from just the headers unless it’s really obvious.
Yeah. If you’re targeted by a 0day you don’t really have a chance. If someone uses a 0day they might aswell spend 2 minutes checking the mail for plausibility.
If it’s not a 0day and your company hasn’t patched, probably not your problem. Curiosity > risk of 0day
Otherwise, if we extend this lane of thinking, you couldn’t visit any website you don’t know 100% is trustworthy. There could always be a 0day in your browser.
There may not be enough info in the subject line to tell if it is phishing so I think the point is moot. I guess the threat vector could be a zero day exploit for your email client in the body of the message but I don’t see how you’ll be able to detect a problem from just the headers unless it’s really obvious.
For context, my gf’s employers have been scolding people for opening them and I think that’s bullshit, mainly for what you just said
Yeah. If you’re targeted by a 0day you don’t really have a chance. If someone uses a 0day they might aswell spend 2 minutes checking the mail for plausibility.
If it’s not a 0day and your company hasn’t patched, probably not your problem. Curiosity > risk of 0day
Otherwise, if we extend this lane of thinking, you couldn’t visit any website you don’t know 100% is trustworthy. There could always be a 0day in your browser.