[Bug 163235] New: status bar shows forged html link in status bar instead of actual target when viewing phishing email
Robert Hogan
robert at roberthogan.net
Wed Jun 4 21:34:30 BST 2008
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
http://bugs.kde.org/show_bug.cgi?id=163235
Summary: status bar shows forged html link in status bar instead
of actual target when viewing phishing email
Product: kmail
Version: 1.9.9
Platform: Slackware Packages
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
AssignedTo: kdepim-bugs kde org
ReportedBy: robert roberthogan net
Version: 1.9.9 (using KDE 3.5.9)
Installed from: Slackware Packages
OS: Linux
The html snippet:
<P><U><SPAN style=3D'color:blue'><a href=3D"http://www5.abbey.net.cfm93.net/servlet/?host=3D22shfdsnDshfdsnwhacrOrdn">http://ww2.abbeynational.net/servlet/?cookie=3D22shfdsnDshfdsnwhacrOrdn</A></SPAN></U></P>
results in the forged target being displayed in the status bar, rather than the actual target.
The full html snippet is:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2722" name=3DGENERATOR>
<title>Abbey: Private and Corporate Details Confirmation Webpage</title>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV>
<P><SPAN><img id=3D"qhc99c71" SRC=3D"cid:000901c8bef5$ab96040b$7301260a marica"></SPAN></P>
<P><B><SPAN>Dear Abbey Private and Corporate Banking customer!</SPAN></b></p>
<P><SPAN>Our Maintenance Subdivision is doing a planned Digital Banking Service upgrade</SPAN></p>
<P><SPAN>By clicking on the link below you will open the procedure of the user details verification:</SPAN></p>
<P><U><SPAN style=3D'color:blue'><a href=3D"http://www5.abbey.net.cfm93.net/servlet/?host=3D22shfdsnDshfdsnwhacrOrdn">http://ww2.abbeynational.net/servlet/?cookie=3D22shfdsnDshfdsnwhacrOrdn</A></SPAN></U></P>
<P><SPAN>These directions are to be e-mailed and followed by all members of the Abbey National On-line Banking</SPAN></p>
<P><SPAN>Abbey National does apologize for any problems caused to you, and is very grateful for your collaboration.</SPAN></p>
<P><SPAN>If you are not customer of Abbey eBanking please disregard this e-mail!</SPAN></p>
<P><SPAN>*** This is an automated message, please do not reply ***</SPAN></P>
<P><SPAN style=3D'font-size:8.5pt;color:#003399'>(c) 2008 Abbey Electronic Banking. All Rights Reserved.</SPAN></p>
</DIV>
</BODY>
</HTML>
More information about the Kdepim-bugs
mailing list