The bad guys are now exploiting news of the CapitalOne breach to push a malicious backdoor trojan via a phishing email purporting to offer a Windows Security Update. See the attached example email.
Clicking the link in that email downloads a file named KB3085604.exe — obviously named to resemble Microsoft patch files and security updates.
The phishing email itself spoofs the targeted those working in organizations that occasionally ask employees to perform routine IT tasks (e.g., applying updates, updating AV definitions, etc.).
If in doubt, give us a call 800 263 8433