User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20051111 Firefox/1.5 Build Identifier: Thunderbird 1.5 (Windows/20051201) Thunderbird failed to spot this as a phishing attempt. The suspect url was slightly obfuscated in the following way: "However, if you did not initiate the log ins, please visit Barclays IBank as soon as possible to check-up your account information:<br><br> <a href="http://koreabanks.com/board/data/now_connect1.php">ht<font>tps://iba</font>nk.ba<font>rclays.co.uk/olb/p/Lo</font>ginMember.do</a><br><br> Thanks for your patience.<br><br>" Reproducible: Sometimes Steps to Reproduce: 1. Phishing email is checked with Thunderbird before being sent 2. ???? 3. Profit Actual Results: 'Thunderbird thinks this might be an email scam' does not appear. Expected Results: Phishing warning should appear. Strip redundant html tags from url destination before comparison with legend. Comparison with header domains also?
Created attachment 209339 [details] Example of email concerned Target domain changed to example.com for privacy
*** This bug has been marked as a duplicate of 326082 ***