[dev] Re: [cvs] commit: framework/MIME/MIME/Viewer html.php
Michael M Slusarz
slusarz at mail.curecanti.org
Fri Mar 4 08:36:51 PST 2005
Quoting Jan Schneider <jan at horde.org>:
> Quoting Michael M Slusarz <slusarz at curecanti.org>:
>
>> slusarz 2005-03-03 22:12:37 PST
>>
>> Modified files:
>> MIME/MIME/Viewer html.php
>> Log:
>> More phishing tweaking
>>
>> Revision Changes Path
>> 1.23 +10 -3 framework/MIME/MIME/Viewer/html.php
>
> This won't work, because a lot of countries regularly use 4 parts in
> their hostname so that www.bbc.co.uk/ would match www.evil.co.uk/.
Didn't think about those last night (obviously).
> And I consider it really dumb from the sender to use different
> hostnames in the link and target. Did you meet a real world example of
> such a case?
Sure, all sorts of (valid) commercial emails I receive. An example I
saw yesterday - an email from Orbitz. The links were displayed as
"http://www.orbitz.com/hotdeal" while the actual href was
"http://email.orbitz.com/email_click_tracker?url=http://www.orbitz.com/hotdeal"
(obviously, these are horrific paraphrasings of the original links/URLs).
There would be all sorts of confusion on the part of users if they
receive phishing messages for these kinds of emails.
Maybe there is some kind of PEAR package that does these kinds of
comparisons? I'll take a look when I get the chance.
michael
_______________________________________
Michael Slusarz [slusarz at curecanti.org]
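
The comparison discussed in this thread, as an added example (not code from the Horde commit or from either poster): it compares the registrable domain of the displayed URL with that of the href, so that hosts under a multi-label suffix such as co.uk are not treated as the same site. The function names and the SAMPLE_SUFFIXES array are assumptions for illustration; the array is a short constructed stand-in for the full Public Suffix List.

```php
<?php
// Constructed sample of multi-label public suffixes (assumption). A real
// deployment would load the full Public Suffix List instead.
const SAMPLE_SUFFIXES = ['co.uk', 'org.uk', 'com.au', 'co.jp'];

// Host of a URL-like string, or null when the text is not a URL/hostname.
function host_of(string $s): ?string
{
    $s = trim($s);
    if (!preg_match('~^[a-z][a-z0-9+.-]*://~i', $s)) {
        // Accept bare "www.example.com/path" style link text as well.
        if (!preg_match('~^[a-z0-9-]+(\.[a-z0-9-]+)+([/:?#]|$)~i', $s)) {
            return null;
        }
        $s = 'http://' . $s;
    }
    $host = parse_url($s, PHP_URL_HOST);
    return is_string($host) ? strtolower(rtrim($host, '.')) : null;
}

// Registrable domain: the public suffix plus one label to its left.
function registrable_domain(string $host): string
{
    if (filter_var($host, FILTER_VALIDATE_IP)) {
        return $host; // IP literals have no suffix; compare them whole
    }
    $suffixLen = 1; // default: single-label TLD such as "com"
    foreach (SAMPLE_SUFFIXES as $suffix) {
        $tail = '.' . $suffix;
        if ($host === $suffix || substr($host, -strlen($tail)) === $tail) {
            $suffixLen = max($suffixLen, substr_count($suffix, '.') + 1);
        }
    }
    $labels = explode('.', $host);
    return implode('.', array_slice($labels, -min(count($labels), $suffixLen + 1)));
}

// true: shown URL and href differ in registrable domain; false: same;
// null: the link text is not a URL, so there is nothing to compare.
function link_mismatch(string $text, string $href): ?bool
{
    $shown = host_of($text);
    $target = host_of($href);
    if ($shown === null || $target === null) {
        return null;
    }
    return registrable_domain($shown) !== registrable_domain($target);
}

// The two cases from the thread: co.uk hosts, then the click-tracker link.
var_dump(link_mismatch('www.bbc.co.uk/', 'http://www.evil.co.uk/'));
var_dump(link_mismatch('http://www.orbitz.com/hotdeal',
    'http://email.orbitz.com/email_click_tracker?url=http://www.orbitz.com/hotdeal'));
```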