Most state employees work with Office documents every day. One class of Office capabilities that most state employees rarely use is macros. What is a macro? A macro is an automated way to perform calculations, tasks, or even something as simple as recording a chain of keystrokes. Macros provide the means for taking long repetitive tasks and automating them with a simple click. Unfortunately there are ways that macros can be used maliciously.
Things to watch out for are:
- Blank documents;
- Documents that contain random characters or symbols; and
- Documents from an untrusted source that prompt you to enable content/macros.
The following is a malicious Excel document with the suspicious objects marked in red (CLICK to enlarge image):
- Don’t open documents from unknown users.
- Watch out for suspicious file names.
- Do not click on “Enable Content” unless you are certain the document is from a trusted sender and are confident of the document’s contents.