Phish of the Day: Southtrust

This isn't hot off the presses -- just clearing out a backlog. Two phish targeted at Southtrust customers were received recently, to a relatively spam-free address which I surmise has been obtained through virus-compromised personal computers. The first was received from 70.21.101.92 (pool-70-21-101-92.res.east.verizon.net.) on Fri, 01 Jul 2005 02:00:29 +0000, with URL http://202.99.223.139/rpm/ (WHOIS: TaiYuan GPP Netbar, China). The second was received from 80.51.233.242 (WHOIS: Polish Telecom) on Mon, 04 Jul 2005 07:54:56 +0000, with URL http://68.40.224.16:85/st/index.html (pcp0010583934pcs.detrtc01.mi.comcast.net.). These phish used the "GIF image in lieu of text" approach, and just to be different, I'm attempting to upload the image with the new Blogger "images" feature. The linked sites were down by the time I tried reaching them, so no further comment.