| Summary: | Some scam emails are not properly detected | ||
|---|---|---|---|
| Product: | [Applications] kmail2 | Reporter: | Huanyu Liu <1293660441> |
| Component: | general | Assignee: | kdepim bugs <kdepim-bugs> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | montel |
| Priority: | NOR | ||
| Version: | 6.2.2 | ||
| Target Milestone: | --- | ||
| Platform: | Arch Linux | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/pim/messagelib/-/commit/be472c743d0b7483899bde9fee99385c3be09a01 | Version Fixed In: | 24.12.0 |
| Sentry Crash Report: | |||
| Attachments: | Email with obvious phishing links | ||
What is the problem ? Which apps do you use for seeing problem ? Regards (In reply to Laurent Montel from comment #1) > What is the problem ? > Which apps do you use for seeing problem ? > Regards I am using KMail 6.2.2. In the attached mail, there is a link to "register [dot] tsginhua [dot] cn [slash] [blahblahblah]", but the displayed text is "game [dot] tsinghua [dot] edu [dot] cn", which is obviously a phishing mail. I remember that KMail would warn me about this previously, but KMail said nothing this time, even though "Informs if message reading is a suspected email scam" is enabled. Ok I add a new autotest. Will see and debug it. Thanks Git commit be472c743d0b7483899bde9fee99385c3be09a01 by Laurent Montel. Committed on 13/10/2024 at 13:09. Pushed by mlaurent into branch 'master'. Fix 494603: Some scam emails are not properly detected( FIXED-IN: 24.12.0 M +2 -0 messageviewer/src/scamdetection/autotests/scamdetectionwebenginetest.cpp M +6 -1 messageviewer/src/scamdetection/scamdetectionwebengine.cpp https://invent.kde.org/pim/messagelib/-/commit/be472c743d0b7483899bde9fee99385c3be09a01 |
Created attachment 174742 [details] Email with obvious phishing links SUMMARY Some scam emails are not properly detected by KMail. See the attachment for an example (which is an official phishing test from Tsinghua University; some fields concerning personal information are modified). STEPS TO REPRODUCE 1. Make sure "Security → Informs if message reading is a suspected email scam" in KMail settings is enabled 2. Open the attached email (with obvious phishing links) OBSERVED RESULT Nothing is warned by KMail (no matter whether HTML Message is enabled or not) EXPECTED RESULT KMail should warn about potential phishing links (as what I have seen previously) SOFTWARE/OS VERSIONS Operating System: Arch Linux KDE Plasma Version: 6.2.0 KDE Frameworks Version: 6.6.0 Qt Version: 6.7.3 Kernel Version: 6.11.3-arch1-1 (64-bit) Graphics Platform: Wayland ADDITIONAL INFORMATION (None)