One of their answers I don't really understand...
Q: A friend has sent you a link to an *.exe file with an invitation to run it. He/she is not online right now so you can’t check in with them. What should you do?
1. Trust my friend and click on the link.
2. Save the file and run a virus scan on it. If the file is clean, it’s probably ok to run it.
3. Never open the link, even if it’s from my friend.
4. Trust your firewall to block the file if it’s malicious.
Their answer:
The answer Choice 2) is correct. Let’s consider other choices to learn notes on the correct answer:
why these are not:
Choice 1): It’s risky to run executables downloaded from the internet even if they appear to come from a person you trust. Chances are it was not your friend who actually sent you the link but rather malware that impersonated your friend or used his/her credentials to spread via email or Instant Messaging. Never open executables obtained from the Internet without first checking them with an antivirus, or a combination of antimalware tools, for better diversity.
Choice 3): Why not open a link if all precautions are met, chances are it’s quite harmless. But before doing so, verify that the link belongs to a trusted source. If you see the link pointing to, for example, http://www.agnitum.com/download/Outpost ... nstall.exe, you may rest assured that it’s perfectly benign. But, of course, if you spot a link that has some suspicious connotations, you may never want to download it. Never run files obtained from the dubious sources!
Important to understand in this context is that downloading a malicious file won’t cause the infection, whereas opening it will certainly do.
Choice 4): The measures listed are not enough to block malware threat if the executable is launched. You should be mindful not to let malware activate in the first place.
Why isn't option 3 correct? Why option 2 is?
Choice 1 and 3 seems to contradict? Or I misunderstood it?