Opening the attachment (which Sophos detects as Troj/JSRedir-BO) redirects your browser to a third-party site. In our testing that has been a website selling online medications – one of the infamous Candian Pharmacy websites.
But as you’re redirected to that online drugs store, you can also be hit by an exploit which attempts to load a booby-trapped PDF and slap you with an infected EXE file via some Java exploits.
Read more in my article on the Naked Security website.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.