This phishing attack delivers three forms of malware. And they all want to steal your data