I recently received an e-mail from a vendor that I’ve never heard of and with whom I’ve never done business:
From: "USA.NET" <firstname.lastname@example.org>
Date: 3/6/2009 11:28 AM
Subject: Weekly Security Update
Another wave of scam emails are circulating disguised as warnings from the U.S. Federal Reserve Bank. They lead to a fraudulent website that installs phishing/malware software or a Trojan virus that will send out critical information such as user names, passwords, or file contents of sensitive documents.
Always use best security practices when reviewing your email and do not open any email attachments from unknown senders.
To unsubscribe, send an email to: email@example.com with the address: ***.***@***.edu in the subject line.
An unsolicited e-mail from an unknown sender advising me not to click on attachments in e-mails from unknown senders? The e-mail contains a link however, which presumably I’m supposed to follow. That’s amusing. According to this vendor, links must be safe, whereas attachments are not. The subject is generic, and there is no indicator that the sender knows who I am.
This really is indistinguishable from a phishing attempt.