In most web browsers and email clients, when you move your mouse over a hyperlink, you will see the target URL displayed in the status bar at the bottom of the window. This can be a real giveaway for an obfuscated URL, so some effort has been applied to prevent this happening.
One elegant approach, if you can use that term in the context of
Internet fraud, is to replace a simple hyperlink with an HTML form that
contains just a single SUBMIT button.
In most cases this would stick out like a sore thumb, but through the
use of STYLE attributes you can make
this button look exactly like a regular <A> HTML anchor.
Placing your mouse over the fake anchor results in no message in the status bar. Here is a code snippet that shows this in action:
<form action="http://www.craic.com">
<input type="submit" value="http://www.craic.com"
style="font-family: times; font-size: 12pt; color: blue;
text-decoration: underline; border-width: 0pt; padding: 0pt;
background-color: transparent;" >
</form>The way you can tell the difference between a regular hyperlink and a modified submit button is by the cursor when you mouse over it. This changes to the familiar “hand” cursor when over a regular hyperlink, while staying as a basic pointer when placed over the submit button.
As with many of these tricks, different browsers treat them
differently. This one works as the authors intended in Firefox on Linux
and Internet Explorer on Mac OS X, but it still appears as a regular
SUBMIT button in Safari on a Mac OS X
system.