This article is currently being drafted, and will be added to over time. In the meantime, Sophos have an article that goes into some detail about what is going on here. Some key points :-
- Don’t click on the encrypted attachment (named something.dot).
- Don’t decrypt the attachment.
- To the best of our knowledge, the personal data contained within the email is from web site data leaks – which web sites is unknown.
The email in question can be identified because it :-
- Contains your residential address.
- Has a password-protected (and encrypted) attachment and the email lets you know what that password is … very poor security.
- Uses odd language.
The attachment itself contains Word macros which, when enabled, in turn pull down some malware to infect your computer.
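The indicators listed above can be checked mechanically in a mailbox triage script. The following Python is an added example, not code from this article or from Sophos. The function names, the password wording it matches and the sample message are assumptions made for illustration, and it does not test whether the attachment is actually encrypted.

```python
import re
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Assumed wording; the article only says the email tells you the password.
PASSWORD_RE = re.compile(r"\bpass(?:word|code|phrase)\b", re.I)

def _norm(text):
    """Lower-case and collapse punctuation/whitespace so addresses compare loosely."""
    return re.sub(r"[\W_]+", " ", text).lower().strip()

def triage(raw, known_addresses=()):
    """Return which of the article's indicators appear in a raw email message."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    names = [(a.get_filename() or "").lower() for a in msg.iter_attachments()]
    hits = []
    if any(n.endswith(".dot") for n in names):
        hits.append("dot_attachment")
    # Only meaningful when something is attached: the body hands over the password.
    if names and PASSWORD_RE.search(body):
        hits.append("password_in_body")
    flat = _norm(body)
    if any(_norm(a) and _norm(a) in flat for a in known_addresses):
        hits.append("residential_address_in_body")
    return hits

def build_sample(filename="something.dot",
                 body="Dear A. Person, 1 Example Street, Exampletown.\n"
                      "The attached document is protected. Password: 1234\n"):
    """Constructed test message; every value is a placeholder, not a real capture."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = "Document"
    msg.set_content(body)
    msg.add_attachment(b"constructed placeholder bytes", maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample(), known_addresses=["1 Example Street, Exampletown"]))
```

Pass `known_addresses` the postal addresses of the mailbox owner so the script can flag a message that quotes one back; a message that matches all three indicators should be quarantined unopened.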