The "password in text" is a specific feature of one of the new variants of a "currently popular" virus package. By "password protecting" the viral portion of the message, it "theoretically" cannot be accessed by your antivirus program. (If you AV is current it can still detect the virus.) Since the AV can't read the text to get the password, it's not supposed to be able to "open" the package to inspect it, but if you enter the password, you've turned it loose on your machine.