Hmm.. And I actually thought that sending out direct login links by clear-text e-mail was a bad idea....
Important update: my link + title initially pointed at RapidSSL.com, while the correct should be RapidSSLOnline.com. Big thx to Tom Willows for correcting me!
Here's the email received, slightly censored to protect the innocent:
Clicking the "Renew & Save" takes you - or anyone who can get access to the email in transit or at rest - directly to this page (again heavily censored):
Dear RapidSSLOnline:You are in the business of Internet security. I really do expect better than this. Running your entire shop off Amazon cloud servers (web + mail) doesn't help on my lack of confidence in your current security practices. (Sorry Amazon).