There is an article advocating that that “The only safe #email is text-only email” ( https://theconversation.com/the-only-safe-email-is-text-only-email-81434 ). Why don’t the authors advocate also that “the only safe web page is text-only page”?
Perhaps the real issue is the verification of message authenticity, not the format used. If I cannot trust that an email originates from, let’s say, my bank, then why should I bother reading it and potentially following links at all?
@ajroach42 That’s roughly what I’m pointing at. Email clients are used in a less secure way, hence in a typical setup it is difficult to authenticate message. This seems to be a bigger problem than format, as once I trust the sender, I may care less about links (similarly as I would treat them when browsing trusted web resource).
Thunderbird once had the extension named Enigmail. I would bet that it still works.