The zip attachment of the "PURCHASE ORDER" email contains a .bat file. This runs a PowerShell script, which infects the machine with malware. The stolen data is exfiltrated via SMTP.
Cyber Espionage, APT31 launched a large campaign impacting many French entities

ANSSI: APT31 launched a large intrusion campaign impacting numerous French entities. The cybercrime actor uses a network of compromised home routers as operational relay boxes.
APT31 launched a large intrusion campaign impacting numerous French entities. It has been denounced by ANSSI cybersecurity experts. The cybercrime actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks. According to the researchers, the malicious hackers (aka Zirconium and Judgment Panda) are a hacking group working for the Chinese Government. The group is known for many cyber espionage and information theft campaigns.