Onliner bypasses spam filters by collecting emails leaked with their passwords and SMTP credentials from previous breaches, including the massive LinkedIn hack in 2012 that compromised 117 million accounts. "The more SMTP servers [the spammers] can find, the more [they] can distribute the campaign," Benkow explained. They then use those credentials to send infected emails to the other addresses in the list. According to the researcher, 80 million of the 711 million accounts had complete credentials and were used as senders, while the rest were used as targets.

The fact that Ursnif emails can land unchallenged in inboxes is pretty troubling, since they can infect PCs as soon as you load their attachments. Once in your system, the trojan can steal your bank log-ins, credit card info, various passwords and even act as a keylogger. You don't have anything to worry about if you're very careful about the attachments you open, but you can check Have I Been Pwned to see if you need to scan your PC ASAP.