I'm writing about this without even doing a google search so if this is really obvious, just ignore the post and I'll search for it soon.

I was reading my email today and after the 5th email claiming that my paypal account has been suspended and I have to “log in” to fix it I realized a really simple rule that would fix this issue.

All you have to do is scan the email for a href's.  Many times the text for the a href will be a url itself.  Something like http://www.paypal.com.  So if you search for these, and verify that the href target matches the text, you'd have a pretty good rule to detect that it's spam.  I can't think of any reason to display a url and set the target to something other than that url. 

So does anyone know how to write this kind of filter and plug it into outlook?