Various techniques exist that enable service providers to receive and process messages (e.g., emails, short message service (SMS) messages, and the like) from various sources and allow users to view and take action on those messages. At times, the sources may be nefarious entities, such as criminals or illegal computer programs, that transmit messages to users that fraudulently induce disclosure of the user's personal information. This process of inducing disclosure of information via fraudulent messages is commonly referred to as phishing. Often, “phishing” is characterized as the criminally fraudulent process of attempting to acquire sensitive information (e.g., usernames, passwords, credit card details, etc.) by masquerading as a trustworthy entity in an electronic communication; thus, luring unsuspecting users to provide, what is otherwise, guarded information. In instances, phishing is carried out by sending an email or instant message, whose look and feel is similar to a legitimate email or instant message, to a user that directs the user to navigate to a fake website (i.e., spoofed website of a bank), and baiting the user into entering private information (e.g., bank account logon, user identification, social security number, and the like) at the fake website.
Service providers have taken steps to identify these phishing messages. Further, if the service providers have identified a message as a phishing message, the service providers may attempt to mitigate the damage potentially caused by the phishing message. However, when a client-side application that is not associated with the service provider is being used to access messages in the user's account, service providers fail to provide the user with adequate protection from the phishing message. That is, because most elements of the client-side application are not directly controlled by the service provider, the service provider is restrained from employing conventional techniques that inform the user of the phishing email.
As such, these present techniques are not configured to offer users adequate protective measures against phishing messages. Accordingly, employing a procedure to limit potential damage that a phishing message can cause when viewed from a client-side application, or a non-web mail client, would enhance the user's experience when viewing and taking action on messages in his/her account.