[Bug 307818] New: Fishing protection: KMail displays title in link not href
Thomas Tanghus
thomas at tanghus.net
Thu Oct 4 10:21:51 BST 2012
https://bugs.kde.org/show_bug.cgi?id=307818
Bug ID: 307818
Severity: normal
Version: 4.9.1
Priority: NOR
Assignee: kdepim-bugs at kde.org
Summary: Fishing protection: KMail displays title in link not
href
Classification: Unclassified
OS: Linux
Reporter: thomas at tanghus.net
Hardware: Ubuntu Packages
Status: UNCONFIRMED
Component: UI
Product: kmail2
Scammers often use title in links so to disguise the href, and KMail doesn't do
anything to protect from this. When hovering over a link in an HTML mail the
title is shown both in the hover tip and in the status line.
Reproducible: Always
Steps to Reproduce:
1. Open a scam mail such as the attached one.
2. Hover over the links to here linkedin.com
3. Both hover tip and status line shows the title, not the link.
Actual Results:
As described in reproduction steps.
Expected Results:
The link should be shown both in hover tip and status line.
I'm using KMail from within Kontact but that shouldn't matter.
On purpose I haven't filed this as a feature request, because I think it's a
basic security precaution that should be fixed.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list