Modern email clients try to safeguard us from malicious code injected in HTML emails. They might help by flagging suspicious looking senders, or hiding embedded images. But getting junk email is like being forced to visit some weird Russian site offering BitCoins. How many of us still maintain “oh but we don’t visit shady sites so there’s no real risk”? And yet, when someone with malicious intent can send this to us directly, we expect the amazingly dated browser in what, Outlook to keep us safe?