Closed Bug 288817 Opened 19 years ago Closed 19 years ago

password fishing by <a href="linka">linkb</a>

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 279191

People

(Reporter: bugzillaspambox, Assigned: mscott)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.6) Gecko/20050317 Firefox/1.0.2
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.6) Gecko/20050317 Firefox/1.0.2

I just recieved a mail from "ebay". They told me that my account data needs to
be updated. Well actually I am no ebay member (at least not anymore) and also
the mail has been handled as junk so I thought that there was something wrong.

At the end of the mail there was a link:
https://signin.ebay.com/ws/eBayISAPI.dll?SignIn

but it refered me to http://84.247.60.1/ebay

It simulates to be the login page of ebay, but i guess it's not.

In my case this wasn't a big deal, but i guess no everybody checks the details
of the page if he gets a message like this. so thunderbird should check if the
link is refered to an other host than it shows (<a href="linka">linkb</a> host
of linka is not host of linkb) then a message with a little warning should appear.

it's not a absolut necessary function of thunderbird, but try to image what
happens if this happens to you with your bank data or something worse. I still
marked it as a major problem because this is the easiest way of password fishing
and could be reproduced by nearly everyone. So i guess it's not wrong to say
that it should be fixed as soon as possible...

Reproducible: Always

*** This bug has been marked as a duplicate of 279191 ***
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.