triviageek

In case you're wondering HOW I examine the RAW HTML to detect the phishers, I thought I'd provide an explanation.

First I use Eudora for my email both at home and at work. I dunno how to do this with Outlook or Outlook Express (or even whether it CAN be done with a Microsoft product). *shrug*

Eudora has this neat little button shown below which transforms the email message into the RAW HTML so that I can examine it.

Email message as displayed normally:

For your protection, we have limited access to your account until you will update your account with the correct information, and a new password.
Click here to update your account

You can also fill in the verification information by logging into your PayPal account at http://www.paypal.com/row/. Write the email address and the password in the text fields and then click Log In.

then all I have to do is press this little button (at the top of each message).


  

And then I get this RAW HTML:

<p>For your protection, we have limited access to your account until you will update your account with the correct information, and a new password. </p>
<table align="center" bgcolor="#ffe65c" border="0" cellpadding="1" cellspacing="0" width="320"><tbody><tr><td><table align="center" bgcolor="#fffecd" border="0" cellpadding="4" cellspacing="0" width="100%"><tbody><tr><td class="sansSerif" align="center">
<a href="http://www.paypal-acounts.com">Click here to update your account</a></td>
</tr></tbody></table></td></tr></tbody></table>
<p><br>
</p>
<p><br>
</p>
<p>You can also fill in the verification information by logging into your PayPal account at <a href="http://www.paypal-acounts.com">http://www.paypal.com/row/</a>. Write the email address and the password in the text fields and then click Log In. <br>

Note the <a href="http://www.paypal-acounts.com">sometexthere</a> in the midst of all that gobblygook. That is the REAL ADDRESS that clicking on the link sometexthere would take you to if you were silly enough to click on it.