An undetectable SMB e-mail attack. https://www.infosecurity-magazine.com/news/new-form-of-cyberattack-targets/
Pointed out in a comment to the above article is if you're not by now monitoring outbound SMB port traffic or better yet restricting it to your local network, you deserve to get nailed by this attack. Also, don't believe this one is using SMBv1 exploit but rather SMBv2+ for communication.