Bug 423246

Summary: Obvious phishing URLs are not recognized
Product: [Applications] kmail2 Reporter: Laura David Hurka <laura.stern>
Component: generalAssignee: kdepim bugs <kdepim-bugs>
Status: REPORTED ---    
Severity: normal CC: laura.stern, montel
Priority: NOR    
Version: 5.14.2   
Target Milestone: ---   
Platform: Neon   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Laura David Hurka 2020-06-19 21:05:05 UTC 
SUMMARY
KMail reports me various links as being “scam”, because they contain some odd detail, like ending with &. But a link like https://kde.оrg is not reported, although it is obviously a phishing link. (It contains a cyrillic o and points to https://kde.xn--rg-emc/)

STEPS TO REPRODUCE
1. Send https://kde.оrg as email to yourself

OBSERVED RESULT
Nothing special

EXPECTED RESULT
Shows me some warning about a non-ascii domain name

SOFTWARE/OS VERSIONS
KDE Frameworks Version: 5.71.0
Qt Version: 5.14.2

ADDITIONAL INFORMATION
I don’t know what scam means, the usual meaning is very vague on URLs. But based on the previous warnings, I expected KMail to recognize phishing links.
Comment 1 Laurent Montel 2020-06-23 05:06:11 UTC 
by default domain can support non ascii char.
It will create a lot of false result non ?
Comment 2 Laura David Hurka 2020-06-23 08:55:35 UTC 
Some browsers update the address bar to https://kde.xn--rg-emc/. Everything else proceeds as usual. What do you mean with false results?
Comment 3 Laurent Montel 2020-06-24 10:51:50 UTC 
"What do you mean with false results?" if we check each char to compare to no ascii it will signal all utf8 url even if it's not a phishing link.
Comment 4 Laura David Hurka 2020-06-24 15:03:23 UTC 
I was thinking that usually URLs are written in their ascii form. If you send a link which is intended to have a non-ascii domain, it will be marked as phishing. Every domain that is actually like höhö.com will be a false positive, but I think these are rare.

Of course my idea is to check only the domain name, not the whole URL.