I came across your blogpost and am wondering if you or anyone you know can help me to remove a phishing script (RoyalBank of Canada) from my humble little website. My site has been shutdown due to this phishing script. But I don’t know enough html to skillfully remove this script and my webhost wants me to delete my site entirely and replace it with a clean back-up. Problem is, I don’t have a clean back-up copy.

Any tips? Thanks in advance.

-L

Try Thunderbird->Preferences (or Tools->Options for Windows users) and then go to the “Privacy” tab. There will be an “E-mail Scams” tab that holds a single checkbox and a mysterious message:

“Thunderbird can analyze messagse for possible email scams by looking for common techniques used to deceive you.

[x] Check mail messages for email scams”

(it’s odd to me that they use “email” sometimes and “E-mail” other times)

Note that there is also an “Anti-Virus” tab that has an “Allow anti-virus clients to quarantine individual incoming messages” that I’m pretty sure is turned off by default. It might be nice to turn that on.

I did notice though that Thunderbird displays the true, underlying URL in the status bar when you hover your mouse over a link in an email.

That’s useful too.

Thunderbird’s junk filtering has an almost identical interface as Apple Mail’s, and Thunderbird’s scam filtering is very similar to that. When Thunderbird thinks an e-mail is a scam, it puts a big warning across the top of the message saying “Thunderbird thinks this message might be a scam” and then gives you the option of selecting “Not a Scam.”

Now, Thunderbird does not give you any option to do anything with these scams. Nor does it give you the ability (as far as I know) to flag a message as a scam that is not marked as a scam, so I’m not sure what sort of learning ability it has. You also cannot tell that it has marked a message as a scam unless you view the message. There is no “scam column” or anything.

So far it’s been pretty conservative about what it marks as scams without any training. I cannot tell if it’s gotten more accurate as I’ve started marking certain messages as not scams.

I also have not tried clicking on a link in a “scam” message. It would be pretty neat if Thunderbird warned you on clicking on a scam link. (but I doubt it does that)

It’s a very new feature, so I just thought it would be worth a note.