The Microsoft Office productivity tool used in some ransomware attacks: Macros

Mar 19, 2022, 7:15 AM
(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)...
(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)
(Photo Illustration by Igor Golovniov/SOPA Images/LightRocket via Getty Images)

Q: What are macros in Microsoft Office and what makes them dangerous?

A: Macros are one of the oldest and most valuable tools in the computer world because they allow complicated instructions to be performed with a single command.

You can essentially record a long series of commands and save them to a shortcut for future execution to save time without having sophisticated coding skills.

If you use Microsoft Office, there are a myriad of useful macros that can be created in applications like Word and Excel, such as inserting company letterhead to an existing document or adding formatted tables into a spreadsheet.

Macros are especially useful when you have a series of repetitive commands that you often use in just about any productivity software program.

The specific instructions for creating macros varies by program, so the best way to learn how to do it is by going to the ‘Help’ menu in any program and searching for ‘create a macro’.

Malicious MacrosThis same powerful productivity tool can be used to create harmful results because malicious macros can be hidden in official-looking documents.

This time of year, there are lots of attempts to compromise users via official-looking tax documents that arrive via phishing email messages and can appear to be from the IRS, your employer or from a payroll company.

The underlying coding tools can be easily manipulated to hide malicious code that will automatically and silently run when you simply open the document or spreadsheet.

What makes this type of compromise especially dangerous is that it can execute the malicious code without the user ever seeing what is happening, which is why it’s one of the methods used to propagate ransomware attacks.

Ransomware needs time to go through your computer’s files and encrypt them in the background, so sneaking in silently is essential.There are also lots of websites that offer free macros that you can download to save time, which may sound tempting but should be avoided.  There is no easy way for a non-technical user to know if a macro is legitimate or dangerous so stick to creating your own.

Disabling Macros for SecurityIn the past, you had to manually disable macros to protect yourself, so if you are using a really old version of Office, search the ‘Help’ menu for ‘disabling macros’ in all of the programs you use.

In current versions of Office, the default setting disables macros with a notification to the user that will allow them to enable it, if they so desire.

This should only be done if you are certain that the document is from a trusted source, such as your own company’s corporate network or something that you created in the past.

If you don’t know what a macro is going to do, you should never enable it unless you can verify the contents.

If you share a computer with younger users or don’t have the need for any macros, you can ‘disable all macros without notification’ in the ‘Macro Setting’ of the ‘Trust Center’ in Microsoft Office so the ‘enable’ option never appears in the future.

Data Doctors

(Pexels Photo)...
Data Doctors

Tips to understanding full virus scan information

Depending upon your setup, there are a few things you can check for to help you understand what and where files are stored on your computer.
2 days ago
(Pexels Photo)...
Data Doctors

A handful of free and easy video editors for beginners

For those looking to get into video editing, here are a few options that work directly on smartphones, computers and tablets.
9 days ago
(Photo by Budrul Chukrut/Getty Images)...
Data Doctors

Here are tips for speeding up your Chrome browser

If you love using your Google Chrome browser, but it seems to be boggling down, here are a few tricks to speed things up.
16 days ago
In this photo illustration, the Virtual Private Network (VPN) is seen displayed on a smartphone. 
Data Doctors

Using your VPN to get around local sports blackouts

For those that have cut the cable and gone to streaming services, one challenge has always been accessing live sporting events.
1 month ago
(Pexels Photo)...
Data Doctors

How to help stop the junk text messages from coming in

If it seems like you’re getting more junk text messages recently, you aren’t alone.
1 month ago
Sponsored Content by Arizona Department of Health Services

Update your child’s vaccines before kindergarten

So, your little one starts kindergarten soon. How exciting! You still have a few months before the school year starts, so now’s the time to make sure students-to-be have the vaccines needed to stay safe as they head into a new chapter of life.

Sponsored Articles

Christina O’Haver

Stroke month: Experts call attention to stroke prevention

Every 40 seconds—that’s how often someone has a stroke in the United States. It’s the fifth leading cause of death among Americans, with someone dying of a stroke every 3.5 minutes.
Arizona Division of Problem Gambling

Arizona Division of Problem Gambling provides exclusion solution for young sports bettors

Sports betting in Arizona opened a new world to young adults, one where putting down money on games was as easy as sending a text message.
By Dr. Richard Carmona

Now’s a great time to receive your COVID-19 vaccine

If you haven’t received a COVID-19 vaccine yet, now’s the time to join many other of your fellow Arizonans who are doing so right now. No one will criticize you; there is no shame. In fact, you’ll be welcomed with smiles and open arms!
The Microsoft Office productivity tool used in some ransomware attacks: Macros