Saturday, October 13, 2007

Concern for Customers - gone wrong



I signed up for email updates from a small craft brewer and vintner a couple of years ago. The messages are infrequent and unobtrusive (as they should be), just updates on latest releases and special events - until this week. The list received a message from the vintner explaining that their webhost's servers had been hacked and that we should not visit their site until the system was cleaned up. Unfortunately, they included a live link to their website in the message.

I'm sure it wasn't intentional; their email client probably just converts anything that looks like a URL into a link, but the result was sending their entire list a link to a compromised site.

Of course I fired up VMware, launched a Windows guest OS and headed over to the site to see what I could find, but they had already restored the webserver: no sign of malware. It is good that the webhost did the cleanup so quickly, but I was a little disappointed that I couldn't infect a machine to poke at later.

We still haven't received a "sorry folks, everything's back to normal" message from the vintner, either. I think there might have been better ways to handle the situation...

Jack