If you want to know what a malicious phishing email and Word document looks like and how it functions, have a read of this article by Xavier Mertens on SANS Internet Strom.
Infostealer Embedded in a Word Document – SANS Internet Storm Center
It uses a simple technique to get you to click and activate the package – it displays a very small document and invites you to click here to enlarge it.
Sneaky – but they always are.
Clive Catton MSc (Cyber Security) – by-line and other articles