Threat actors are distributing the Dharma Ransomware in a new spam campaign targeting Windows users in Italy. The spam emails use mail subjects like ‘Fattura n. 637 del 14.01.20’ and pretend to be a sent invoice. When clicked on the email is a link to the alleged invoice that when clicked on will bring the user to a OneDrive page hosting a file called ‘New documento 2.zip’ This file will be automatically downloaded when a user visits the page.
Source: https://www.bleepingcomputer.com/news/security/dharma-ransomware-attacks-italy-in-new-spam-campaign/