In the last couple of days, I’ve received email from my ISP telling me that my credit card has been declined and I need to click the handy link and enter a new number, and email from Paypal telling me that my account has been hacked and I need to click the handy link and change my password.
They were both scams, of course but convincingly executed. So watch yourselves. If you get this sort of email, never click the hotlink enter the URL of the site in question manually, and see if there’s actually a problem or not. (If your mail program allows it, you can also just take a look at the message source code and see where the hotlink is actually set up to take you.)
But you knew that.