Phishing fraud undetected

Denis Beauchemin Denis.Beauchemin at
Thu Mar 16 14:07:00 GMT 2006

Hello all,

This morning I came across the following HTML code that was not picked 
up by MS:

> To ensure that your service is not interrupted,
> please update
> your account information today<font
> color="#000099"><a
> href="">
> </a> </font>
> </font><b><font face="Arial, Helvetica, sans-serif"> 
> <a
> href=""></u></font>
> <font style="FONT-SIZE: 9pt" color="#ff4040"><u>by 
> clicking
> here.</a></font>

I find it strange that there are 2 <A HREF=...> in a row but the second 
one is clearly a phishing attempt.  Is it because the URL does not start 
with www?

I'm using MS 4.50.10-1.



  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x2252 F: 819.821.8045

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3226 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the MailScanner mailing list