Initially I thought this was just another Phishing email, but when I checked the link that was in this email, the web page tried to force me to execute an executable file. I have not had a chance to look into the executable yet, but any web page that does that concerns me.

So if you receive an email like this, DELETE IT .

Here are the images of the html and text of email I received, the web site, and the download prompt. You can click on one of the thumbnails below to see a larger version of the image:

[More:]

Here is the text of the message I received.

KEY BANK ALERT SYSTEM! Updates available:
When you bank online with us, your information is encrypted. Encryption makes information unreadable in order to protect it from unauthorized viewing or use, especially during transmission.

Update your system now<< >h__p://ktt.key.ktt.cmd.logonFromKeyCom[....more.....]

For your security and ours, Key employs a robust industry standard for all encryption.

Sincerely, Vaughn Austin.
Copyright 1998-2008, KeyCorp. All rights reserved.

Even though this message said it came from key.com, the actually sending IP address pointed to:

inetnum: 78.174.0.0 - 78.174.255.255
netname: TurkTelekom
descr: TT ADSL-Tnet NEC dynamic_aci
country: tr
admin-c: TTBA1-RIPE
tech-c: TTBA1-RIPE
status: ASSIGNED PA
mnt-by: as9121-mnt
source: RIPE # Filtered
role: TT Administrative Contact Role
address: Turk Telekom
address: Bilisim Aglari Dairesi
address: Aydinlikevler

Maybe I am a little skeptical, but I don't think that this bank is hosting its business on Turkish Telecom.

So if you happen to get this email don't follow any of the links or reply to it, just DELETE IT.

Dave