Created attachment 141198 [details]
STEPS TO REPRODUCE
1. Received spam email
2. View in Kmail with HTML enabled.
The spammer HTML is rendered bleeding over the message list component, this allows the scammer to fake information, as well as making their phishing attack more effective.
The mail client will prevent the email content corrupting the display of message metadata, so that users can make informed choices, and are less likely to be fooled.
(available in About System)
KDE Plasma Version: 5.20.5
KDE Frameworks Version: 5.78.0
Qt Version: 5.15.2
Created attachment 141199 [details]
HTML - from phisher - be careful
Attaching the decoded HTML from the email. Although I wouldn't have thought it useful for fixing the issues, it might help reproduce the test case.
Is it possible to save email as mbox and send me it (in private as you want).
Duplicate of 429393?
Created attachment 141217 [details]
mbox format spam
Agree on duplicate of 429393, although the description there isn't clear that the HTML can alter the headers entirely that is only picked up on in the comments.
*** This bug has been marked as a duplicate of bug 371656 ***