Following These 6 Tips Will Help You Avoid a Macro Phishing Attack

Protecting Your Small Business from Macro-Based Malware

Some of the cybersecurity threats small businesses face lurk in the emails employees open everyday. One of the most dangerous forms is called phishing, in which malicious viruses hide in otherwise innocent attachments. That was the case with the recent DocuSign macro attack.

In the DocuSign hack, emails spoofed the company brand and tricked unsuspecting people into opening an infected Word document. Macros are automation codes used in Word documents and Excel spreadsheets in Microsoft Office. In some of these phishing attacks, a file is sent prompting users to open these macros, which contain the malware.

Drive Traffic to Your Website

Sell Your Business

Win $100 for Vendor Insights

So the question becomes, what can small businesses do to avoid falling victims to these attacks? Small Business Trends talked with Mike Van Pelt, threat analysis engineer at the Barracuda Networks in San Francisco. He supplied some valuable tips on the subject.

Protecting Your Small Business from Macro-Based Malware

Leave Macros Alone

The biggest tip to make sure you don’t run into any security issues through macros is don’t enable them.

“If you don’t need to use them, you should definitely have them turned off,” Van Pelt says. “That’s the major way these viruses get in through office documents.”

If you have a systems administrator, they should set a policy about not enabling macros. Van Pelt says this is likely the way other infamous Ransomware viruses like WannaCry got into networks.

Keep in mind that by default, these macros aren’t tuned on usually and need to be enabled. However, there are situations where these are enabled by default in some Microsoft products. These are especially dangerous and need to be carefully managed.

Watch Those Order Forums!

For example, there can be macros on common spreadsheets or order forums that use features like drop down menus.

“Those are a lot safer if used internally but I have seen this type of thing being used in emails,” Van Pelt says. He discourages the use of any features like these that can leave you vulnerable.

Here’s quick fix for those DYI’ers. All you need to do to start is click the Microsoft Office button. Then go to Excel which will lead you to the Trust Center and the Macro Settings. You can disable the macros from there.

Watch for Trouble with Word?

There can even be the same macros present in Word documents. Open one that’s infected and your entire business could be affected. The quick fix here is the same as for the spreadsheets.

Do Employee Training

In a recently published blog post, Van Pelt suggests that making employees aware of the threats is critical. He even posts an example of what one of these emails looks like.

Get Anti-Phishing Protection

Of course there are always those wearing black hats trying to get you to open emails with phoney addresses. However, anti-phishing protection is developed by the good folks wearing the white versions. Spoofed email addresses get lassoed and there is even domain validation included with most of these products.

Uncover Those Email Imposters

Cyber criminals are getting better and better at impersonating the style, tone and even appearance of emails from your coworkers and colleagues. Open the wrong one, and you can infect your company with a virus that can cripple operations.

“These are usually very simple,” Van Pelt says. “Something like, ‘Hey Bob, this is Ray, here’s an invoice that needs to be paid.’”

Usually these criminals aren’t very bright. Misspelled words can tip you off and things like orders from suppliers you don’t normally use should raise red flags.

Final Thoughts

Van Pelt cautions all small businesses to stay vigilant.

“These criminals are constantly coming up with new versions and some of them actually look like a Microsoft document of some kind.”

Phishing Photo via Shutterstock

More in: 2 Comments ▼

Rob Starr Rob Starr is a staff writer for Small Business Trends. Rob is a freelance journalist and content strategist/manager with three decades of experience in both print and online writing. He currently works in New York City as a copywriter and all across North America for a variety of editing and writing enterprises.

2 Reactions
  1. Thanks for this. I didn’t know that you can have malware in macros. You are more vulnerable if you are not that familiar with it.

  2. Hi Aira.
    It was interesting to find out how crafty these online criminals are. Some are even learning to imitate the tone and style of emails from people you with with.

Win $100 for Vendor Selection Insights

Tell us!
No, Thank You