At a party last night a friend of mine told me about a new spoof email he’d seen. I wasn’t aware of it (I don’t keep my ear very close to that particular ground) but here’s an example just forwarded to me:
> Subject: Attention - Important Notification
> Date: Mon, 19 Oct 2009 05:14:44 -0600
> From: tech-admin <firstname.lastname@example.org>
> To: email@example.com
> On October 22, 2009 server upgrade will take place. Due to this the
> system may be offline for approximately half an hour.
> The changes will concern security, reliability and performance of mail
> service and the system as a whole.
> For compatibility of your browsers and mail clients with upgraded server
> software you should run SSl certificates update procedure.
> This procedure is quite simple. All you have to do is just to click the
> link provided, to save the patch file and then to run it from your
> computer location. That's all.
> Thank you in advance for your attention to this matter and sorry for
> possible inconveniences.
> System Administrator
> __________ Information from ESET Smart Security, version of virus
> signature database 4520 (20091018) __________
> The message was checked by ESET Smart Security.
Scarily real, huh? The “http://updates.myjournal.com” subdomain makes it look very official. So, be careful out there.