Fake URLs in emails and web pages…

Man, I’m getting sick of people’s attempts to trick me… mostly because they are just pretty lame, and also because I feel sorry for the number of folks that are quite possibly being hit by these scams. One of the more recent tricks is sending me a notice about my “insert online service or bank here” account and providing me a link to go and enter my userid/password… and the link text is something like “https://www.paypal.com/trustedlink.php”, but the actual underlying URL is to “http://128.234.232.23/fakespammerssite.htm” … and it makes me think that some browser plug-ins could be useful here… especially if they worked for HTML content in email as well… how about checking the text against the URL and, if the text is structured to look like a valid link but points to a different location, then mark it as suspect… or make the URL visible on every link that isn’t already using its href value as its text… so a paragraph like this:

Click here to confirm your banking information!

Would automatically appear as

Click here [http://www.duncanmackenzie.net/] to confirm your banking information!

Maybe making the anchor tag disabled if the text appears to be trying to look like a different URL would be a selectable option, turning

Click https://www.paypal.com to confirm your banking information!

into

Click https://www.paypal.com [Warning misleading link text detected!! Real target is http://www.duncanmackenzie.net/] to confirm your banking information!

For Outlook, this might be doable as an Outlook Add-in, one that scans and edits your HTML and rich formatted emails for you… you could do this for IE with an add-in … and I’m sure some of the recent HTML insertion tools for Firefox would work for this purpose (but not in Thunderbird; it uses the Gecko engine, but I don’t believe that plug-ins applied to Firefox have any effect on viewing/browsing inside your email… maybe a Thunderbird plug-in would be needed).
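The check described above (compare a link's visible text with its href, reveal the real target, and disable links whose text names a different host), sketched in JavaScript as an added example. It is not code from the original post; the function names, the "www." normalization and the regex-based anchor scan are assumptions made for the demo.

```javascript
// Added example. A regex scan over double-quoted hrefs keeps it short;
// a real add-in would walk the parsed DOM instead.

// Link text that "is structured to look like a valid link": optional scheme + dotted host.
const URLISH = /^(?:https?:\/\/)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?=[:\/?#]|$)/i;

// Assumption: a leading "www." is ignored when comparing hosts.
const normHost = (h) => h.toLowerCase().replace(/^www\./, "");

// Host the browser would actually contact, taken from the URL parser (null if unparseable).
function hostOf(href) {
  try { return normHost(new URL(href).hostname); } catch { return null; }
}

// Host the visible text claims to point at (null if the text does not look like a URL).
function textHost(text) {
  const m = URLISH.exec(text.trim());
  return m ? normHost(m[1]) : null;
}

// "plain": text is the href itself; "misleading": text names another host; "reveal": the rest.
function classifyLink(href, text) {
  if (text.trim() === href.trim()) return "plain";
  const claimed = textHost(text);
  return claimed !== null && claimed !== hostOf(href) ? "misleading" : "reveal";
}

// The href is re-inserted as visible text, so neutralize angle brackets.
const esc = (s) => s.replace(/</g, "&lt;").replace(/>/g, "&gt;");

function annotate(html) {
  const anchor = /<a\s[^>]*?href\s*=\s*"([^"]*)"[^>]*>(.*?)<\/a>/gis;
  return html.replace(anchor, (whole, href, inner) => {
    const text = inner.replace(/<[^>]*>/g, ""); // visible text only
    const verdict = classifyLink(href, text);
    if (verdict === "plain") return whole;
    if (verdict === "reveal") return `${whole} [${esc(href)}]`;
    // Misleading: drop the anchor so it cannot be clicked, keep the text, show the real target.
    return `${text} [Warning misleading link text detected!! Real target is ${esc(href)}]`;
  });
}

// Constructed sample input, using the URLs from the post.
const SAMPLE =
  '<p>Click <a href="http://www.duncanmackenzie.net/">here</a> to confirm!</p>\n' +
  '<p>Click <a href="http://128.234.232.23/fakespammerssite.htm">' +
  'https://www.paypal.com/trustedlink.php</a> to confirm!</p>';

console.log(annotate(SAMPLE));
```

Comparing parsed hostnames rather than raw strings means the verdict follows the host the browser would actually contact, not whatever appears first in the href.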


4 Responses

  1. If Outlook and all other email clients would start doing it, then phishers would start putting little images with URL text in them.

    AD June 13, 2005 at 1:53 pm #
  2. Duncan: The technique you describe is known as “phishing,” and there are indeed browser plug-ins available to unmask spoofed URLs, e.g.: http://www.corestreet.com/spoofstick/

    Phil Weber June 13, 2005 at 9:34 am #
  3. You can do this with CSS. Well, you can do it in all modern browsers EXCEPT IE. It’s something like: a:after or something like that. Then, just apply a style sheet to every page (using it as an override) and bingo 🙂

    Nic Wise June 14, 2005 at 1:14 am #
  4. Sounds like a good idea. Perhaps you could have the options to “disable misleading links” or “ask before following link” to prevent you from accidentally clicking one. Internet Explorer shows you the destination URL in the status bar; is it possible to show the destination URL in Outlook?

    KM August 3, 2005 at 4:57 pm #
