Thunderbird link mismatch and fighting scams
Even though I mostly use Mutt as mail client, I sometimes use the awesome Mozilla Thunderbird, mostly for complex HTML messages with links to click.
As I wanted to register to a trail race recently, I had to use Thunderbird, and upon clicking on the "register" link, a pop-up appeared:
This is nice, and probably has been implemented a while ago - I just hadn't noticed it yet.
A good example of "doing things right" and giving users indications about something wrong possibly happening - in that case the link that I clicked on "inscription-hivernalesdestempliers.com" was in fact a different one, with a more than suspicious domain used: awstrack.me.
This was in fact legitimate, as a quick search on Reddit confirmed that this is the domain used by AWS' SES services (Simple Email Service).
Which brings me (back) to another topic I wrote a few times about on this blog (here in English and here in French): why do companies feel the urge to use domain names that are super weird/suspicious, defeating the thin fences that users have when it comes to phishing/scamming?
Tags: IT