In this case the report includes a spammer’s link with in the hostname. It also appears to trap text URLs containing HTML-escaped characters, which explains the Spam Karma reports. Legit mailing lists sometimes do this with redirectors for tracking purposes.) (Phishers do this to fool you into going to their site. Links that claim to go to one site, but actually go to another.Links that only use an IP address, including dotted decimal, octal, hex, dword, or some mixed encoding.
The best information I found was this Mozillazine forum thread, which included a link to the actual code that makes the decision, in phishingDetector.js. Most of the articles I’ve found only talk about TB adding the feature, not how it works. The Thunderbird support website doesn’t seem to have been updated yet.
GOLDENKEY ORG SCAM HOW TO
I found myself wondering just how Thunderbird’s phishing detection decides that a message is suspicious-and how to teach it that the next LJ notice isn’t a scam. It’s hit LiveJournal reply notices, newsletters from IEEE and Golden Key, a Spam Karma notice from my own blog, and I’ve seen it on both outbid notices and updates to saved searches from eBay. But there’ve been a lot of false positives. Since SpamAssassin and ClamAV do such a good job of catching the phishing scams before they reach my inbox, Thunderbird has yet to catch any actual phish. Since upgrading to Mozilla Thunderbird 1.5 beta 2, I’ve seen a number of messages slapped with a warning label that “Thunderbird thinks this message might be an email scam.” It appears at the top of the message, in the same style as the junk mail notice bar or the warning that remote images have been blocked, and there’s a button to mark the message as “Not a Scam.”
0 kommentar(er)
