Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Addon to "defang" fraudulent links in emails?

  • 2 replies
  • 1 has this problem
  • 4 views
  • Last reply by Toad-Hall

more options

AFAIK a common phishing technique is to insert a legitimate-looking URL into the malicious message, but when the unsuspecting victim clicks the link, their browser is redirected to the actual, malicious URL. Attached image is courtesy of it.sheridancollege.ca.

Many financial institutions warn customers NOT to click links in emails but rather, to select and copy the displayed URL then paste it into their browser. BUT - how many people will remember the discipline to do this?

It seems to this amateur that it should be possible to compare the domain shown in the displayed URL, with the real URL to which the browser will be directed. If the domains are not identical, an addon (theoretically) could convert the link to plain text, rendering it NON-clickable and protecting the recipient.

I hoped to find a Tbird addon that does this, but did not. Any opinions as to whether this concept is (a) doable and (b) helpful? Thanks

AFAIK a common phishing technique is to insert a legitimate-looking URL into the malicious message, but when the unsuspecting victim clicks the link, their browser is redirected to the actual, malicious URL. Attached image is courtesy of it.sheridancollege.ca. Many financial institutions warn customers NOT to click links in emails but rather, to select and copy the displayed URL then paste it into their browser. BUT - how many people will remember the discipline to do this? It seems to this amateur that it should be possible to compare the domain shown in the displayed URL, with the real URL to which the browser will be directed. If the domains are not identical, an addon (theoretically) could convert the link to plain text, rendering it NON-clickable and protecting the recipient. I hoped to find a Tbird addon that does this, but did not. Any opinions as to whether this concept is (a) doable and (b) helpful? Thanks
Attached screenshots

All Replies (2)

more options

re :It should be possible to compare the domain shown in the displayed URL, with the real URL to which the browser will be directed.

This ability is already available. When anyone receives an email with a link, it is normal practise to hover over the link to see whether the real link is exactly the same as the stated link. The real link would be displayed in the bottom status bar.

If there is any anomally and sometimes it can be tricky to spot if somone replaces an 'i' with a number 1 (one), the you should never click on the link. You cannot assume the email has been sent from the person who owns the email address, as there are nefarious people who abuse other peoples email addresses.

This is the normal practise which all email users should use and be aware of using. Hovering over a link is not difficult and a whole lot easier and quicker than any other method. After all, you have to move the mouse to that position before you actually click, so the info is already visible before clicking.

more options

Just to prove a point. It is also common practise to use something that says; Get Thunderbird here where a few short words are used legitimately rather than enter a longer and no so attractive website address.

So, it can used to good effect.

I suppose the bottom line is that you cannot stop people from clicking on links they refuse to check.