I could use a little assistance in tracking more phisher Spam. Here's a sample from one from Korea, with all o the rulesets available, none capture this type of spam. The spam redirects the user to a web page different than the one displayed in the email. I would think that this is a simple rule to implement.
<a target="_blank" href="http://211.202.3.208/event_1201/popup.files/.eBay/eBayISAPI.php?MfcISAPICommand=SignInFPP&UsingSSL=1&email=&userid=";> http://scgi.ebay.com/verify_id=ebay&fraud alert id code=00937614</a>
Any suggestions?
-- Albert E. Whale, CISSP - Sr. Security, Network, and Systems Consultant -------------------------------------------------------------------------------- http://www.abs-comptech.com & http://www.No-JunkMail.com ABS Computer Technology, Inc. - ESM, Computer & Networking Specialists SPAM ZapperTM - No-JunkMail.com - Spam-Zapper.com - SPAM Stops Here. President of the Pittsburgh InfraGard
