A round of phishing emails purports to be from a job-seeker, but actually uses a slew of detection evasion tactics to download malware on victim systems. The phishing message tells victims to enter a password ( 123 ) to view the document, then urges users to click on Enable Content next to the warning bar that states that macros have been disabled. The attack avoids detection by downloading a Microsoft self-extracting executable, which then unpacks a Quasar RAT binary at 401MB.
Source: https://threatpost.com/microsoft-word-resume-phish-malware/147733/