The spam emails contain no subject and the bodies of the message contain only a single url with no comment added.
"Less is more" and this is probably the tactic of the hacker (scammer) to involve fewer text to not arouse suspicious from receiver of the scam email. This is probably the reason why some victims have clicked the url indicated.
We cannot confirm if your email account will be hacked immediately once you open the URL or is it a phishing page that asks you to key in your password to login to your email account.
Below are some of the scam URLs we have gathered for the past few days:
PLEASE DO NOT OPEN ANY OF THEM.
We have noticed some similarities in the URLs, which may be linked to WordPress, which also includes a HTML file "googles.html" - of course, not for all. Therefore, we cannot confirm if all of them are the work of the same scammer. All, except for the last 2 URLs, are hosted by the webhost dreamhost.com.
Our analyzed results are (excluding the last 2 URLs):
1. The scammer may own all the domain names and has created the paths to mislead victims
2. The scammer may have hacked the webhost and uploaded the files
3. The scammer may have created a dummy plugin for WordPress blog owners to install
Whatever is the case, do make sure you let your friend know if he/she has sent you an email with similar URL. In fact, you should not open just any URL in email without checking with the sender. Victims should change their email accounts' password immediately and possibly, do a full system anti-virus scan.