The message’s subject may refer to an urgent payment confirmation notice. The email may have an attachment which is said to contain a payment document that needs to be checked and confirmed.
The attachment is harmful and should not be opened under any circumstance. The attachment is infected with malware that will download to the device when the attachment is opened. If you have opened the attachment, do not continue to use your device until you have had it cleaned by a professional. If you opened the attachment on your computer, contact your employer’s IT support.
If you have opened the attachment, immediately deactivate your online bank user ID by calling OP Customer Service at +358 100 0500. Outside service hours, deactivate your user ID by calling OP Deactivation Service at +358 100 0555 (24/7). Don’t start using your new user ID until the device has been cleaned.
Example of a phishing email: