Link test differs from link location in plaintext view is not visible in Thunderbird



  • Today I noticed something strange.

    I got an email containing a link that links to another site than the text says. In (Simple) HTML, the review is visible when hovering over the link. However, in plaintext, in 3 out of 4 mails only the a.com was shown

    a.com
    <b.com>
    

    This makes me a bit worried however, since I only noticed the difference of displayed text and link location once another client answered, that probably had HTML view turned on.

    If I switch the view of the message body to Simple HTML, I need to check if the link matches the location visually, which I want to avoid, because that might be error-prone. I do know that I could configure my Thunderbird to simply show me puny-code, but then one unaware click in the wrong moment could be fatal.

    What are security-wise recent best practices to both protect yourself from clicking malicious links as well as detecting that someone has sent such a malicious link?

    Specifically, is there a way to always get shown

    a.com
    <b.com>
    

    in plaintext, but with the displayed part only marked as the link's location, whenever the link's text part displays an URL?



  • There is not going to be a way to force the link text to be the same as the target URL of the link. Else we couldn't have links.

    Since the very beginning, the advice has been to hover over the link to check where it goes. That advice has not gone away, as error-prone as that might be.

    To make things easier, you can always turn off HTML-view in your email clients. But that will make HTML-based email very ugly.

    Each email client might have tools to make this easier, but that will be up to each email client.



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2