Cheryl wants to know if she can get infected by HTML email. Leo says yes. That's why she has to be careful what links she clicks on. But since she's using an iPad, she's protected. She can't get infected on that. Apple's iOS is very secure. But it's always a good idea to train herself not to click on links. If she gets an email from her bank for instance, she should just go to her browser and go directly to the bank's website.
How can she know if she's on a suspicious site? Leo says that browsers have gotten better at warning you about that. Webmail clients like GMail are also very good at filtering out bogus phishing emails. It's not perfect, but it's getting better. It also helps to not run as an administrator in Windows. Other things Cheryl can do include the following:
1. Use Google Chrome. It's free and far more secure.
2. Don't click on links in email.
3. Only get software from original vendors.
4. Keep antivirus software up to date.
5. Stop using Java
6. Use a password vault like LastPass
7. Turn on second factor authentication