Dealing with HTML emails can be chaotic, leading to frustration and potential security risks. Imagine falling victim to a phishing scam disguised as a legitimate email from a trusted source. This can happen due to the use of ‘kobold letters’, invisible elements in HTML emails that only appear when forwarded. This sneaky technique affects various email clients, demonstrating the vulnerability of HTML emails. While some clients like Gmail strip styling when forwarding emails, others like Thunderbird and Outlook are still susceptible. Mitigating these risks can be challenging, with users advised to disable HTML email or view it in restricted modes. Ultimately, awareness and precaution are key in navigating the dangers of HTML emails.
https://lutrasecurity.com/en/articles/kobold-letters/