[Bug 163235] New: status bar shows forged html link in status bar instead of actual target when viewing phishing email

Robert Hogan robert at roberthogan.net
Wed Jun 4 21:34:30 BST 2008 

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
         
http://bugs.kde.org/show_bug.cgi?id=163235         
           Summary: status bar shows forged html link in status bar instead
                    of actual target when viewing phishing email
           Product: kmail
           Version: 1.9.9
          Platform: Slackware Packages
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
        AssignedTo: kdepim-bugs kde org
        ReportedBy: robert roberthogan net


Version:           1.9.9 (using KDE 3.5.9)
Installed from:    Slackware Packages
OS:                Linux

The html snippet:

<P><U><SPAN style=3D'color:blue'><a href=3D"http://www5.abbey.net.cfm93.net/servlet/?host=3D22shfdsnDshfdsnwhacrOrdn">http://ww2.abbeynational.net/servlet/?cookie=3D22shfdsnDshfdsnwhacrOrdn</A></SPAN></U></P>

results in the forged target being displayed in the status bar, rather than the actual target.

The full html snippet is:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2722" name=3DGENERATOR>
<title>Abbey: Private and Corporate Details Confirmation Webpage</title>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV>
<P><SPAN><img id=3D"qhc99c71" SRC=3D"cid:000901c8bef5$ab96040b$7301260a marica"></SPAN></P>
<P><B><SPAN>Dear Abbey Private and Corporate Banking customer!</SPAN></b></p>
<P><SPAN>Our Maintenance Subdivision is doing a planned Digital Banking Service upgrade</SPAN></p>
<P><SPAN>By clicking on the link below you will open the procedure of the user details verification:</SPAN></p>
<P><U><SPAN style=3D'color:blue'><a href=3D"http://www5.abbey.net.cfm93.net/servlet/?host=3D22shfdsnDshfdsnwhacrOrdn">http://ww2.abbeynational.net/servlet/?cookie=3D22shfdsnDshfdsnwhacrOrdn</A></SPAN></U></P>
<P><SPAN>These directions are to be e-mailed and followed by all members of the Abbey National On-line Banking</SPAN></p>
<P><SPAN>Abbey National does apologize for any problems caused to you, and is very grateful for your collaboration.</SPAN></p>
<P><SPAN>If you are not customer of Abbey eBanking please disregard this e-mail!</SPAN></p>
<P><SPAN>*** This is an automated message, please do not reply ***</SPAN></P>
<P><SPAN style=3D'font-size:8.5pt;color:#003399'>(c) 2008 Abbey Electronic Banking. All Rights Reserved.</SPAN></p>
</DIV>
</BODY>
</HTML>

More information about the Kdepim-bugs mailing list