Recently, Somebody Somewhere wrote these words
> i got the following cute phishing attack. obviously since i use mutt +
> an htmt2text script it was easy to spot. but i can see it working on
> loads of people. i've compressed down some of the vertical spacing,
> but the misspelling of "payement" was in the subject. The links are
> footnoted at the bottom - note that all but #4 are legit.
It's a beauty all right. I so remember nearly falling for the
first one of those attacks I got - maybe I'm stupid. Did it
trigger this rule
70_sare_spoof.cf:meta SARE_FORGED_PAYPAL (__FROM_PAYPAL && __URI_PAYPAL && !__RCVD_PAYPAL)
70_sare_spoof.cf:describe SARE_FORGED_PAYPAL Message appears to
be forged, (paypal.com)
That's an excellent check. It lacks a "Received From paypal.com"
but is otherwise from paypal. Mutt here too. God help windoze
With best Regards,
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!