Two of our customers have received phishing e-mails involving the use of a fake SSL certificate. This is a worrying development. Although a technique for faking certificates has been demonstrated at security conferences on several occasions in the last two years, we are not aware that it has ever previously been used in 'the wild'.
The certificate itself appears to be a valid (but fake) client certificate file that does not appear to contain a virus. It is not at all clear how the attack would work, but it seems likely that installation of the fake certificate was only a first step.