Trend Micro fraud analysts recently came across spammed messages targeting customers of the Fifth Third Bank. The messages urged recipients to log in to a temporary link, http://www.53.com.{BLOCKED}.com.pl/wpserver/cmportal/cblogin.php?session=667882698791972326077742654898739&email=p2t2all@tacobell.com , in order to download and install a digital certificate that would supposedly reinforce the bank’s security.

Excerpt from:
Phishing in the Guise of Enhancing Security