Hackers are using a new technique in these campaigns where non-malicious documents are used to disable security warnings before executing macro code on the targeted computer. This means hackers are downloading/executing malicious DLLs/ZLoader without any malicious code in the spammed attachment macro. The malware is known for using macro-enabled MS Office documents as its initial attack vector and steal PII and login credentials mainly from users of certain financial institutions. To protect yourself from the new malspam campaign make sure documents are not downloaded or executed on your device.
Source: https://www.hackread.com/hackers-disable-macro-security-warnings-malspam/