Re. Phishing fraud question

Julian Field mailscanner at ecs.soton.ac.uk
Fri Oct 15 15:09:12 IST 2004


<x-flowed>
At 14:54 15/10/2004, you wrote:
>Hi there,
>
>
> > Yes, it certainly should. There are a large number of these scams, and they
> > are on the increase very rapidly. My phishing code requires no "signatures"
> > or updates of any kind, it just looks for links that don't go where they
> > say they will.
> >
>maybe i am wrong here, but i guess this works that way:
>
>MailScanner checks the HTMl-Mail for the a href-tag and the text which is
>the link displayed in the mail,right?
>something like -a href="somewhere.com"-nothere.com-/a-  (sorry..but i do
>not want to use html-tags ;)

Yes.

>but some phishingmails do use images with the so called content and they
>do contain image-maps, which are behind the so called "text", but do link
>somewhere else..

There's not a lot I can do about that. I'm not about to write an entire OCR
system :-)
Most of that sort of mail will get picked up as spam by SpamAssassin, so it
shouldn't be a big problem.
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
Buy the MailScanner book at www.MailScanner.info/store

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>



More information about the MailScanner mailing list