Has anybody written a filter that would detect links that present a link to one place (ie: paypal) but actually link elsewhere (ie: some server in Korea)?
As an example, this was clipped from a phishing expedition I received a few minutes ago: <a href="http://smba.swu.ac.kr/css/cash/hide/index2.htm";> https://www.paypal.com/fraudcheck/secure/bill.html?sl=070304</a> It would seem a relatively easy thing to detect.. -Dave Doherty Skywaves, Inc. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
