Dodgy Emails

I see that yesterday afternoon my users received at least two emails with attachments that contain a Ransomware payload that seem to be from GPTQ They are shown to be 'from' real people at GPTQ, but that is not the case. The email says things like 'Attached is your service report', or 'as per the attached email, when can I expect a solution?' With a subject of 'URGENT INFO' or 'Compliance Report for [named staff member at my client's clinic]' These emails LOOK very convincing. DON'T open attachments that you weren't expecting, even from known people.