|
Hi Rami-
I think you can safely conclude that when the link
shows a well-formed URL to the viewer and has a different address in the
link that there's something phishy going on.
I wonder if anybody's written something to detect
this?
-Dave
----- Original Message -----
Sent: Saturday, April 03, 2004 1:17
PM
Subject: [Declude.JunkMail]
Phishing?
Hi;
I just received
the following in our info account. I believe it is a phishing
attempt.
Attached is the
actual email.
The
source:
====================
<BODY>
<p><img
src="" width="296" height="51"></p>
<p>Dear
user!</p>
<p>We are informing you that today, the amount of
$719.00 AUD has been drawn out
of your
account.</p>
<p>Technical assistance of ANZ
Bank.</p>
<FORM action=""
method=get>
<A href=""http://www.anz.com">http://www.anz.com">
<INPUT style="BORDER-RIGHT: 0pt; BORDER-TOP: 0pt;
FONT-SIZE: 10pt; BORDER-LEFT: 0pt; CURSOR: hand; COLOR: blue; BORDER-BOTTOM:
0pt; BACKGROUND-COLOR: transparent;
TEXT-DECORATION: underline" type=submit
value=http://www.anz.com>
</a>
</form>
===================
Ideas?
Regards,
Kami
|
