These emails are part of the operations of an emerging and active targeted threat called Safe campaign, the operations of which are documented in the research paper by Trend Micro. These spear-phishing emails contain a malicious attachment and encourage a recipient to open a harmful attachment by attracting him with contextually relevant content. From a threat perspective, Trend Micro has identified five key target organisations including government ministries, technology companies, media outlets, academic research institutions and non-governmental agencies.