[Rules] Add LEAKED_PASSWORD_SCAM rule

rules/regexp/misc.lua

@@ -60,3 +60,15 @@ reconf['HAS_ONION_URI'] = {
     score = 0.0,
     group = 'experimental'
 }
+
+local password_in_subject = [[Subject=/\bpassword\b/i]]
+local password_in_body = [[/\bpassword\b/i{sa_body}]]
+local btc_wallet = [[/\b[13][0-9a-zA-Z]{25,34}\b/{sa_body}]]
+
+reconf['LEAKED_PASSWORD_SCAM'] = {
+  re = string.format('(%s | %s) & %s', password_in_subject,
+      password_in_body, btc_wallet),
+  description = 'Contains password word and BTC wallet address',
+  score = 5.0,
+  group = 'scams'
+}