Definitely DO NOT follow the advice they give to enable macros or enable editing to see the content.
Most of these malicious word documents either appear to be totally blank or look something like these images when opened in At this time, these only infect windows computers.
Update 1 February 2016: I have now received 1 copy directly today sent to an email account associated with a charity that I manage the website for.
Most of these are more directly targeted at small businesses, charities and organisations that regularly advertise as looking for staff and/or volunteers and consequently are more likely to open the attachment without thinking and be infected.
The scripts are slow and have additional built-in delays.
I don’t know how an automatic analyser would handle this.
I haven’t received any personally and this one was sent to me by a friend in USA who analysed the content and got the downloaded malware.
Because 220.127.116.11 has been associated for a long time with malware delivery affecting all OS, including all versions of Windows, Linux, Mac and Android, It has been suggested to me that there is a strong possibility that there will be versions of these attacks that can and will affect any device or Operating system.
All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email.
It might be a simple message saying “look at this picture of me I took last night” that appears to come from a friend.
One of the analysts has managed to decode today’s file contacts 18.104.22.168/qt.jpg?
En56Kv E=n and download the same grinning skull image as shown in THIS post that when decrypted/decoded gives ( Virus Total) When the macro runs it creates a second obfuscated script in one long string which is run with a shell command.
The bad guys choose companies, Government departments and other organisations with subjects that are designed to entice you or alarm you into blindly opening the attachment or clicking the link in the email to see what is happening.