This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Page tree
Skip to end of metadata
Go to start of metadata

Anti-phish 'fake URL' rule idea

I have a great idea for an anti-phishing rule, detecting links that claim to be linking to a different URL than their real target! Will it work?

Take a look at bug 4255 in our Bugzilla – this idea has been tried in many forms, and mostly unsuccessfully. A lot of nonspam senders use this, for some reason.

Here are some examples of real-world false positives:

  <a href="http://www65.americanexpress.com/clicktrk/Tracking?mid=MESSAGEID&msrc=ENG-
ALERTS&url=https://www.americanexpress.com/estatement/?12345">https://
www.americanexpress.com/estatement/?12345</a>

  <A HREF="http://echo.epsilon.com/WebServices/EchoEngine/T.aspx?l=ID">https://www.hilton.com/
en/ww/email/tab_email_subscriptions.jhtml</A>

If you'd like to comment further, please do so on bug 4255.

  • No labels