Link hovering doesn't work for corporate users of mail filtering services that rewrite URLs to point to their own lookup service. (The advantage being the lookup is at click time, not at mail delivery time.) If the destination URL for the original link's judged risk, you get a block page; if not, you get a 302 to the final destination. (I know of three such services, i suspect they're all either doing it or looking at doing it.)
Oh yeah and a million other attacks on mouseover / tooltips; here's one
https://www.darkreading.com/endpoint/new-attack-method-delivers-malware-via-mouse-hover-/d/d-id/1329105
Biting the hand that feeds IT
