Received an email with an HTM attachment. When viewed in a text editor it just contains a javascript. Any thoughts on what this is trying to do?

A person in my organization received an email titled **Payment\_Scheduled\_ACH/Wire...** which contained an HTM document titled ACH.Wire-Payment03214354.htm.

Fortunately the person knew not to open this file and contacted me to ask if it was safe. Everything about the email screamed scam - including the fact it was From the same person who received it.

Looking at the attachment in a text editor, I can see it just contains a javascript:

<script language="javascript">document.write( unescape(...));</script>


I'm just curious if anyone know what …

attachment cybersecurity document editor email fact file javascript organization payment safe scam text thoughts wire