From DarkReading

Phishing campaign has hit more than 3.5 million mailboxes, researchers say
Researchers have detected a new phishing attack that promises to enhance the security of the user's emailbox -- and then downloads a malicious Trojan instead.

The email requests that recipients click on a link in the body of the email to update the "security mode" of their emailboxes, according to researchers at Red Condor, an email security tool vendor.
Users who click on the link are taken to a Website that advises them to update to the latest version of the Macromedia Flash Player by downloading "flashinstaller.exe." This executable is actually a banking Trojan that is known to disable firewalls, steal sensitive financial data, and provide hackers with remote access capabilities, Red Condor says. [More...] [Comments...]