There is an e-mail circulating with the subject "Microsoft Outlook Critical Update" which is very real looking, but very fake and dangerous.
The URL pointing to the "critical update" looks legitimate, but hovering over the hyperlink (or checking the source code of the mail) will show that the link leads to a totally different destination.
Sophos Labs indicates that the URL leads to the download of "a backdoor banking Trojan which allows a remote user to access and steal sensitive data and provides an intruder with remote access to the compromised system."
Remember that Microsoft will never send updates via a direct e-mail. Updates should be installed directly from the official Microsoft Update website at http://update.microsoft.com.
