It's another repackaged version of a very old scam, taking advantage of those with virus/spyware infected machines or otherwise email boxes with compromised (and/or simply weak) passwords.
Rather than just spoofing the sender email addresses in the crap email, these messages are being sent directly from the actual email accounts of the compromised users.
The crap email itself always seems to be sent to 10-15 people at once. Nothing appears in the subject line. The body itself only contains a link address, which in itself appears to be a generally legitmate sounding domain.
But the url always includes a weirdly long path which seems to be unique to the email. Makes me wonder if whoever is recycling these domains for their spam use is tracking information on those who are clicking the link.
URLs received (so far) include:
www [DOT] easypinturas [DOT] cl/wp-content/themes/easy/googles.html?cab=ty.psml&sg=mkv.ytf&fhb=qyiv
www [DOT] tomstexascountycourthouses [DOT] com/wp-content/uploads/fgallery/fmaus.html?ffnc=dwdqxi
www [DOT] 509art [DOT] com/wp-content/uploads/slideshow-gallery-pro/google.html?er=rc.gio&cn=ar.reg&fhb=tdsy
www [DOT] ccrystalpublications [DOT] com/home/home/celesteme/ccrystalpublications.com/home/wp-content/uploads/sermons/images/goodbody.html
www [DOT] nickandemilywedding [DOT] com/wp-content/themes/ligneous/photo.php?fly138.png
www [DOT] pasmi [DOT] org/wp-content/themes/pasmi/art.php?cloth1.php
Some of these domains have since been killed. But new deriveratives are being sent out just as quick.
Spun up a test sandbox to see what would happen with the links and saw only redirects to spam websites when the links were opened. The first 'hop' before the redirect always read (complete with the bad english):
You are here because one of your friends
have invited you.
Page loading, please wait....
Um, no I'm not
And then a redirect kicks the page to one of several (legitmate looking) spam sites.
I've included two of the examples below, but there are several others.
"7 News Money Blog" looks like a legimiate site, but it's clearly just another crap "Work at Home" scam
This other site was especially daring as it stole the Fox News website template for their weightloss scam
Could be a bunch of different bugs causing this. Not sure which one(s). It's definitely getting around though (whatever it is).