The Emotet botnet has begun to use a new malicious attachment that pretends to be a message from Windows Update telling you to upgrade Microsoft Word. These attachments will prompt a user to ‘Enable Content’ so that malicious macros will run to install the EmOTet malware on a victim’s computer. These documents utilize macros to download and install the malware. These macros also trick users into enabling the macros, including pretending to be created on iOS devices, Windows 10 Mobile, or that the document is protected.
Source: https://www.bleepingcomputer.com/news/security/watch-out-for-emotet-malwares-new-windows-update-attachment/