Or the email is rendered HTML, where the expected URL is used as the text for an... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

kibwen 10 months ago | parent | context | favorite | on: Emailing a one-time code is worse than passwords

Or the email is rendered HTML, where the expected URL is used as the text for an anchor whose href is the malicious site.

KingOfCoders 10 months ago [–]

Pro tip: Hover over the link an check the URL. Or look at the source.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact