A spam campaign whose emails purport to originate from the United States Postal Service is delivering a triple malware threat to recipients. An infection begins when a user receives an email from a sender purporting to be the USPS. The email states that the USPS delivered a package for the recipient to a ground station. It then requests that the recipient download the attachment to view the delivery label and schedule a pick-up time. An attacker can use a trojan named Kovter to steal a user’s personal information or execute code directly through the registry.”]
Source: https://grahamcluley.com/triple-malware-threat-delivered-usps-themed-spam/