The Microsoft Office productivity tool used in some ransomware attacks: Macros

Mar 19, 2022, 7:15 AM

(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)...

(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)

(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)

Q: What are macros in Microsoft Office and what makes them dangerous?

A: Macros are one of the oldest and most valuable tools in the computer world because they allow complicated instructions to be performed with a single command.

You can essentially record a long series of commands and save them to a shortcut for future execution to save time without having sophisticated coding skills.

If you use Microsoft Office, there are a myriad of useful macros that can be created in applications like Word and Excel, such as inserting company letterhead to an existing document or adding formatted tables into a spreadsheet.

Macros are especially useful when you have a series of repetitive commands that you often use in just about any productivity software program.

The specific instructions for creating macros varies by program, so the best way to learn how to do it is by going to the ‘Help’ menu in any program and searching for ‘create a macro’.

Malicious MacrosThis same powerful productivity tool can be used to create harmful results because malicious macros can be hidden in official-looking documents.

This time of year, there are lots of attempts to compromise users via official-looking tax documents that arrive via phishing email messages and can appear to be from the IRS, your employer or from a payroll company.

The underlying coding tools can be easily manipulated to hide malicious code that will automatically and silently run when you simply open the document or spreadsheet.

What makes this type of compromise especially dangerous is that it can execute the malicious code without the user ever seeing what is happening, which is why it’s one of the methods used to propagate ransomware attacks.

Ransomware needs time to go through your computer’s files and encrypt them in the background, so sneaking in silently is essential.There are also lots of websites that offer free macros that you can download to save time, which may sound tempting but should be avoided.  There is no easy way for a non-technical user to know if a macro is legitimate or dangerous so stick to creating your own.

Disabling Macros for SecurityIn the past, you had to manually disable macros to protect yourself, so if you are using a really old version of Office, search the ‘Help’ menu for ‘disabling macros’ in all of the programs you use.

In current versions of Office, the default setting disables macros with a notification to the user that will allow them to enable it, if they so desire.

This should only be done if you are certain that the document is from a trusted source, such as your own company’s corporate network or something that you created in the past.

If you don’t know what a macro is going to do, you should never enable it unless you can verify the contents.

If you share a computer with younger users or don’t have the need for any macros, you can ‘disable all macros without notification’ in the ‘Macro Setting’ of the ‘Trust Center’ in Microsoft Office so the ‘enable’ option never appears in the future.

Data Doctors

I need some Arizona tech tips. Will I lose all my saved passwords if I clear the cache in my browse...

Data Doctors

Arizona tech tips: How to clear your browsing data

Q: I need some Arizona tech tips. Will I lose all my saved passwords if I clear the cache in my browser? A: Here's what you need to know.

2 days ago

USB-C on iPhone...

Ken Colburn, Data Doctors

An explanation of the confusing state of USB-C cables

Q: If USB-C is a connection standard, what do the expensive cables do for me over the cheap ones? Here's a quick and simple answer.

9 days ago

woman at printer...

Data Doctors

Here’s how to bypass your printer when filling out forms

A major issue with having a printer in harsh environments is that printer jets can become clogged when they are rarely used, so I’d suggest an alternative.

16 days ago

man holds cellphone...

Ken Colburn, Data Doctors

Here’s what to do if you think your phone is listening to your conversations

As scary as it may seem that big tech is listening to everything we say, the reality of what they are doing is much more invasive.

23 days ago

(Photo by Kirk McKoy/Los Angeles Times via Getty Images)...

Ken Colburn, Data Doctors

Hard drive maintenance tips everyone should know

Depending upon the age and type of hard drive, the potential failures can be mechanical or electronic so the first thing to do is pay attention!

30 days ago

laptop opened on desk...

Data Doctors

Here are 5 critical security tips for your laptop you need to know

There are very significant threats you should protect against and know what to do should you find yourself dealing with them.

1 month ago

Sponsored Articles

Home moving relocation in Arizona 2023...

BMS Moving

Tips for making your move in Arizona easier

If you're moving to a new home in Arizona, use this to-do list to alleviate some stress and ensure a smoother transition to your new home.

Sanderson Ford...

Sanderson Ford

Sanderson Ford congratulates D-backs’ on drive to great first half of 2023

The Arizona Diamondbacks just completed a red-hot first half of the major league season, and Sanderson Ford wants to send its congratulations to the ballclub.



At Ability360, every day is Independence Day

With 100 different programs and services, more than 1,500 non-medically based home care staff, a world-renowned Sports & Fitness Center and over 15,000 people with disabilities served annually, across all ages and demographics, Ability360 is a nationwide leader in the disability community.

The Microsoft Office productivity tool used in some ransomware attacks: Macros