Our multi-layer Barracuda spam/virus/malware filtering is very effective, but some bad things do slip through when the bad guys come up with new tricks and send email before the spam filters get updated.
Here’s an example that came in today, claiming to be from Chase and asking the recipient to correct something about their account. When viewing the message on a computer you can hover the mouse over any links provided and see if they look real – in this case, doing that showed that the link actually went to a compromised server in Bosnia/Herzegovina:
When in doubt, don’t click on links in email that claim to be from your bank or an online merchant. Log on to your account manually and decide whether any action needs to be taken.