
At least with HTML email, I can already link text to an arbitrary link. This whole thing doesn't seem that important to me.



> At least with HTML email, I can already link text to an arbitrary link.

The sender doesn't have to link to anything. Merely writing some non-whitespace characters, followed by a dot, followed by a TLD can trigger client software to automatically create a link, e.g. mentioning "attachments.zip" could cause client software - that is trying to be clever - to create a link to https://attachments.zip which might serve a malicious zip file. The receiver will think the sender created the link, but in actuality it was their own software that created it trying to be clever.

> This whole thing doesn't seem that important to me.

This affects any client software that creates auto-links for TLDs. The "solution" is software must never create an auto-link in the absence of a protocol, e.g. never auto-link "example.com" but "https://example.com" is ok.
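
The two auto-linking behaviours discussed in this thread, side by side, as an added example that is not part of any comment here and is not any client's actual code. `SAMPLE_TLDS`, the function names and the sample message are constructed for illustration.

```javascript
// Constructed sample TLD list; a real client would carry the full IANA list.
const SAMPLE_TLDS = ["com", "org", "zip", "mov"];
const ESC = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ESC[c]);

// Shared renderer: escapes everything, wraps a match only if toHref() returns a URL.
function render(text, pattern, toHref) {
  let out = "", last = 0;
  for (const m of text.matchAll(pattern)) {
    const href = toHref(m[0]);
    out += escapeHtml(text.slice(last, m.index));
    out += href
      ? `<a href="${escapeHtml(href)}" rel="noopener noreferrer">${escapeHtml(m[0])}</a>`
      : escapeHtml(m[0]);
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Behaviour the comments describe: "name.tld" alone is enough to produce a link.
const BARE = new RegExp(`(?:https?://)?(?:[a-z0-9-]+\\.)+(?:${SAMPLE_TLDS.join("|")})\\b`, "gi");
function linkifyBareDomains(text) {
  return render(text, BARE, (t) => (/^https?:\/\//i.test(t) ? t : "https://" + t));
}

// Rule proposed in the thread: link only when the sender wrote the protocol.
// The last character class keeps trailing sentence punctuation out of the link.
const EXPLICIT = /https?:\/\/[^\s<>"']*[^\s<>"'.,;:!?)]/gi;
function linkifyExplicitOnly(text) {
  return render(text, EXPLICIT, (t) => {
    try {
      const u = new URL(t);
      return u.protocol === "http:" || u.protocol === "https:" ? u.href : null;
    } catch {
      return null; // not parseable as a URL: leave it as plain text
    }
  });
}

// Constructed sample message.
const sample = "See attachments.zip and https://example.com/report.";
console.log(linkifyBareDomains(sample));
console.log(linkifyExplicitOnly(sample));
```

With the explicit-protocol rule, the file name in the sample stays plain text and only the URL the sender actually typed becomes a link.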


Chat clients like WhatsApp don't allow you to link text to an arbitrary link, but instead will automatically turn text "attachment.zip" into a link to http://attachment.zip



