Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady.
The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of what a compromised document looks like.