Depends on where you access the link. In my techsupport experience people are very dumb, some people fall for any and every scam and the best way to safeguard against employees at a company from downloading malware is to just tell them to never click on links they get in emails.
Yes when you load a website it is mostly confined in one part of your pc storage but in that space it can still do a lot. It can read temporary files or cookies which can give some insight into the user and assist with making any scams or malware look more legit. It can also try to monopolise a computer’s resources like RAM so that the device slows down. This too can be used to try to convince people they have a “virus” and need to download the scam groups malware to “fix the pc”