During last night I received a phishing message with a new (to me anyway) form of obfuscation which can only be used inside HTML body text using us-ascii encoding. The obfuscation was apparently aimed at SA and similar scanners because its not obvious to anybody reading the message: every 'o' (0x6f) in the text is replaced by ο
My Perl-fu isn't good enough to encode this in a regex - can anybody help? Martin
