CampaignMonitor blogged today about an email they sent out that triggered the Thunderbird “this might be a scam” filter.
After a bit of tweaking, we discovered that Thunderbird systematically throws up this alert when it sees a URLs in your HTML email copy. In this case, we had made the mistake of adding the following line:
If you would like to support the National Wildlife Federation in protecting wildlife and their habitats, kindly donate at http://killspill.org/.
This isn’t just a Thunderbird filter, many of the spamfilters out there including those at the various webmail providers and those built into desktop email clients look at the same thing.
In some cases, they throw up a warning when the text in the <a href=””> tag is different from the visible text. For example:
<a href=”http://clickthroughlink.esp.domain.com”> http://killspill.org</a>
will trigger a warning in many email clients while
<a href=”http://killspill.org/”>http://killspill.org/</a>
won’t generate a warning. But in some clients, including apparently Thunderbird, the link <a href=”http://killspill.org/”> http://killspill.org/</a> will cause a scam warning.
These warnings themselves are a good thing. Overall, there are a lot of phishers and scammers use mis-matching links to attempt to deceive recipients into clicking on http://spammersite.com/ because they think they’re visiting http://amazon.com/.