The bank trojan runs by mouse over the link in the PowerPoint document, does not require the hyperlink to be clicked. The method - which was used in a recent spam campaign that tried to install a backdoor banking fraud commonly known as Zusy, OTLARD and Gootkit - is notable because it was not based on macros, visual basic scripts or JavaScript to deliver its payload.
Vía Arstechnica