The email purportedly delivers an electronic Merchant Billing Statement to the recipient:
Unfortunately, the attached file is nothing of the sort, but a piece of information-stealing malware.
"The scammers have attempted to make the email sound more believable by including a link to the genuine Chase Paymentech as well as legitimate sounding liability and confidentiality statements," Hoax-Slayer points out.
"Chase Paymentech customers may open the attachment in the mistaken belief that it contains a legitimate file associated with their account. Non-customers may open the attachment with the view that some error has been made that may need to be rectified as soon as possible," he explained the danger.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.