Capital One Phishing

They left out something important for me, and I run Linux, so ha ha!  Still, they got hold of email accounts, so I think Cap One has been breached, and although I marked it as gmail spam, it got through as a zero day attack.  I signed into my account and there is no such alert, and I notified them.

8:34 AM

Account Alert: Service Validation. Dear Valued Holder, As requested, We're writing to make sure you're aware of a NEW change in security procedure for all account holders.Your profile and billing information needs to be validated. Kindly follow the ONE-TIME action below in order to opt with our recent security improvement. By passing back and forth private information that only you and us know, you can feel even more secure with your online access experience. We recognize you and you recognize us. ONE TIME ACTION:  To continue, we have sent you an attached HTML Web Page. See e-mail attachedweb page Download and save it Open the attached web page Get started by confirming your informations Sincerely, Online Customer Center.

Further thoughts:  If nobody else reports this, then it could be a high-quality 'Spear Phishing' attack aimed at me, since I mention Cap 1 in my blog.  On the other hand, they would know it was useless.  :)