Is securedoc.html safe for me to use?
I want to open a file that was shared with me using securedoc.html, Can I open it safely? I got quite confused when I read the following discussion - The browser has a security sandbox. When you visit a site, that sandbox only permits code on that site to access content on the same domain. If you run html from your machine, then the sandbox now includes your filesystem - and thus can be used to access anything the user can.
Secure messaging of this nature via securedoc.html is indeed a real thing used legitimately. However, criminals know this and may well try to imitate a real secure message to lure their target(s) into opening unsafe attachments.
If you have verified the sender's address, then you are probably safe. But if you would prefer to take a cautious approach you could open the HTML file in a text editor such as Notepad. You can then read the HTML source code and view any scripts/links embedded within it without actually executing anything. With regard to browser sandboxing, that point is accurate as far as I know. Regardless, there are ways a capable attacker can escape a browser sandbox (although publicly disclosed methods are quickly patched to prevent exploitation).