Hackers Using Macros in Excel to Push out Malware

Used to opening excel files and enabling macros? Be extra careful.

Before you click that permission button, it’s important to understand how dangerous macros can possibly be.

Why are Macro’s so dangerous?

A malicious macro that you run unwittingly may damage or completely delete files on your hard drive, mess up your data, and even corrupt your Microsoft Office installation. For this reason, Excel’s default setting is to disable all macros with notification.

One of the most common ways that bad guys sneak malware onto your computer is through macro-enabled Excel files. A macro (short for macroinstruction) is a set of commands that automate a process in Excel. When you open an Excel file that includes macros, you’ll see a security banner with the option to activate macros by clicking “Enable Content”. Typically, malicious Excel files are attached to a phishing email. If you choose to open the attachment and enable macros, the file will automatically install the cybercriminal’s malware.

According to Knowbe4, in a recent phishing attack, the macro-enabled Excel attachment is designed to look like a Windows Defender help page. The spoofed help page provides easy-to-follow instructions on how to click the “Enable Content” button. To establish additional credibility, the file includes logos of well-known security vendors like McAfee. If you fall for this trick and enable macros, a dangerous piece of malware is installed onto your computer and cybercriminals will have complete access to your system.

Follow these tips to stay safe:

• Never download an attachment from an email that you weren’t expecting.
• Don’t let your eyes deceive you. Bad guys use familiar logos from real businesses to appear more legitimate.
• Before enabling macros for an Excel file, contact the sender using an alternative line of communication—such as by phone or text message. Verify who created the file, what the file contains, and why macros are necessary.

If you need assistance with your cybersecurity contact DarkHound Secops ay [email protected]

Source: Knowbe4

Source Image : https://www.pexels.com/photo/person-using-macbook-air-on-table-1181248/