I was suggesting - a while ago, to make a more general check (which would
probably
be a plugin) - to detect phish based on different urls (e.g check whether they
end up at the
same ip) but was told that quite a lot of legit email have differing urls
While I understand that datbased systems may g
>-Original Message-
>From: Dan [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, January 12, 2005 6:40 PM
>To: [EMAIL PROTECTED]
>Subject: phishing rule
>
>
>I am trying to write a rule to catch phishing schemes of this nature:
>http://legit-stie.com/login
>
>Is there anything wrong with this r
Dan wrote:
I am trying to write a rule to catch phishing schemes of this nature:
http://legit-stie.com/login
Is there anything wrong with this regexp?
/href=\"\d{1,3}(\.\d{1,3}){3}[^\"]*\"[^\>]*\>\s*http/
I realize that it is probably really error-prone, but that is why I am
throwing it out to this
