Well that's just nasty.
One of the popular ways to part you from your money is to send an alarming email, pretending to be your bank/utility/paypal/whatever, and send you to a site that has all the graphics and looks like the spoofed site, but is actually only collecting your personal information (to steal your identity or credit card info).
This is why the browsers now check that the site certificate was issued to the site you're actually on. And why you should NEVER click on a link in an email. I need no talent at all to create an email that looks like a real link but takes you to my spoof site.
If you got to the site by trusted browsing methods (typing in the web address or using a 'favourite'), then I'd call the company - NOT from the number listed on the (possibly spoofed) site, but from your phone book or statement and let them know you're getting this error message.
The site certificates do expire, so it is possible someone forgot to keep it current.
If you're on a secure site, you can check the certificate by clicking on the little 'lock' icon - you can see who issued the certificate, what encryption level is being used, who the certificate was issued to. There are only a handful of issuers worldwide - Verisign, Entrust, Thawte, Equifax.
Sorry to rant, this was much more of an answer than you needed, but hopefully it helps spread some awareness.
Hope you've had some good weather for 2-wheel adventures! We've been working on getting the crops in - maybe we'll get some time again late May :)
Cheers,
Linda