After almost an almost non-existent presence in 2017 and a few weeks off, Locky is back with a fresh wave of SPAM emails containing malicious docs. These emails include a PDF attachment with a name like P72732.pdf. When these PDFs are opened, the target will be prompted to open an embedded Word document. When done it will display the ransom note to let the victim know that they have been infected. At this time there is still no way to decrypt files encrypted by Locky.
Source: https://www.bleepingcomputer.com/news/security/the-locky-ransomware-is-back-and-still-adding-osiris-to-encrypted-files/