For those who state normal end users are careless with e-mail. If the GitHub folks can get nailed by a phished e-mail, anyone can get nailed. https://www.bleepingcomputer.com/news/security/github-users-targeted-with-dimnie-trojan/https://www.bleepingcomputer.com/news/security/github-users-targeted-with-dimnie-trojan/
Same ole same ole. Email attachment from unknown source with a document forcing turning on macros. DUMB!