Phishing fraud undetected

dnsadmin 1bigthink.com dnsadmin at 1bigthink.com
Thu Mar 16 15:33:57 GMT 2006


At 09:07 AM 3/16/2006, you wrote:

>Hello all,
>
>This morning I came across the following HTML code that was not 
>picked up by MS:
>
>>To ensure that your service is not interrupted,
>>
>>please update
>>your account information today<font
>>
>>color="#000099"><a
>>
>>href=" https://www.paypal.com/cgi-bin/webscr?cmd=_login-run">
>></a> </font>
>></font><b><font face="Arial, Helvetica, sans-serif"> <a
>>
>>href="http://lasvegasy.web.lowfathost.com/PayPal-Update/PayPal/update.htm"></u></font>
>><font style="FONT-SIZE: 9pt" color="#ff4040"><u>by
>>clicking
>>here.</a></font>
>
>I find it strange that there are 2 <A HREF=...> in a row but the 
>second one is clearly a phishing attempt.  Is it because the URL 
>does not start with www?
>
>I'm using MS 4.50.10-1.
>
>Thanks!
>
>Denis
Hello Denis,

Report to http://cgi.clamav.net/sendvirus.cgi

They've accepted and incorporated my phishing reports in the past.

Cheers,
Glenn 



More information about the MailScanner mailing list