Re: OT: Completely OT: PAYPAL does it suck?
| From: | taliesin the storyteller <taliesin-conlang@...> |
|---|
| Date: | Wednesday, November 22, 2006, 8:07 |
|---|
* H. S. Teoh said on 2006-11-21 21:13:55 +0100
> depending on what you use to read your mail, you may or may
> not be able to tell what's the real address being linked to.
> I've actually seen spam containing Javascript that cloaks the
> real address (to a fraudulent site) and substitutes a
> legitimate one in its place visually. A similar trick is then
> employed on the fraudulent site to make it appear as though it
> were legitimate.
This of course only happens if the mail is HTML/non-plaintext,
which is yet another reason to be wary of mail that is HTML and
insist on plaintext. Turning off javascript in mail is not
sufficient because you can also use stylesheets to obfuscate
text and addresses in the mail. With some businesses/newsletters
there's a way of requiring that all mail be sent plaintext, for
instance a checkbox on the registration-form. I wish this was
more widespread though, and I consider the presence of such a
method to be a sign of professionalism.
t.
Reply