You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Loren Wilton <lw...@earthlink.net> on 2006/08/07 05:05:51 UTC

Oh goodie! Script-kiddie phish mails!

Looking at an incredibly poorly formatted phish for Chase Bank, I find the 
following stuff after the closing </html> tag:

<!-- text below generated by server. PLEASE REMOVE -->
<!-- Counter/Statistics data collection code -->
<script language="JavaScript" 
src="http://hostingprod.com/js_source/geov2.js"></script>
<script language="javascript">geovisit();</script><noscript>
<img src="http://visit.webhosting.yahoo.com/visit.gif?us1142376053" 
alt="setstats" border="0" width="1" height="1"></noscript>
<IMG SRC="http://geo.yahoo.com/serv?s=76001524&t=1142376053&f=p6w8" ALT=1 
WIDTH=1 HEIGHT=1>