This ought to win a prize for phishing domain names least likely to fool anyone:
Quote:
From: "Squirrel Mail Development Team"<alert@squirrelmail.org>
Subject: Internet Users Email Upgrade (IUEU)
Dear E-Mail User
Due to the package compromise of 1.4.11,1.4.12 and 1.4.13, we are forced to release 1.4.15 to ensure no confusions. While initial review didn't uncover a need for concern, several proof of concepts show that the package alterations introduce a high risk security issue, allowing remote inclusion of files. These changes would allow a remote user the ability to execute exploit code on a victim machine, without any user interaction on the victim's server. This could grant the attacker the ability to deploy further code on the victim's server.
So upgrade to Squirrel Mail Development Team by click Squirrel Mail Login [links to addictedtocrack.com/blog/wp-content/uploads/2009/11/security.php] SquirrelMail 1.4.15 Released
We STRONGLY advise all users of 1.4.11, 1.4.12 and 1.4.13 upgrade immediately.
addictedtocrack.com was actually registered in 2003. There is no phishing page there. It may be a joe job rather than a hacked website.