If you came across any Facebook Message with an image file send by any of your Facebook friends, just avoid clicking it. An ongoing Facebook spam campaign is spreading malware downloader among Facebook users by taking advantage of innocent-looking SVG image file to infect computers.

If clicked, the file would eventually infect your PC with the nasty Locky Ransomware, a family of malware that has quickly become one of the favorite tools among criminals due to its infecting capabilities. The attack campaign uses Facebook Messenger to spread a malware downloader called Nemucod that takes the form of .SVG image files. Why SVG file?

For a strain of ransomware that’s only been in the wild for a little more than a month, Locky has sure been able to make a name for itself.

The malware gained notoriety last month when it confounded administrators at the Hollywood Presbyterian Medical Center in Los Angeles and apparently took another victim this week in Henderson, Kentucky’s Methodist Hospital. The hospital, a 217 bed acute care facility on the Ohio River, affixed a scrolling red bar to the top of its website this week claiming it was working in an “Internal State of Emergency due to a computer virus” that limited its “use of electronic web based services.”

Locky has quickly made a mark for itself. Computer security companies say it has become a commonly seen type of ransomware, which is used to hold a computer’s files hostage pending a ransom payment.

Trustwave’s SpiderLabs said on Wednesday that 18 percent of 4 million spam messages it collected in the last week were ransomware-related, including many linked to Locky. “We are currently seeing extraordinary huge volumes of JavaScript attachments being spammed out, which, if clicked on by users, lead to the download of a ransomware,” wrote Rodel Mendrez, a Trustwave security researcher.

Several security researchers have discovered a new type of malware that jumps onto the ransomware bandwagon, encrypting victims' files and then demanding a payment of half a bitcoin for the key.

Named "Locky," the malware depends on a rather low-tech installation method to take root in a user's system: it arrives courtesy of a malicious macro in a Word document. Security researchers Kevin Beaumont and Lawrence Abrams each wrote an analysis of Locky on Tuesday, detailing how it installs itself and its components. The carrier document arrives in an e-mail that claims to be delivering an invoice.