As if IT guys and cybersecurity pros didn’t have enough to worry about, some of the old tactics for spreading malicious software are back, taking tech users by surprise in the process. Macro-based malware, which was pretty much abandoned after word got out that it was a known virus attempt (kind of like how people finally got wise to the fact that Nigerian princes don’t need help getting their fortunes out of the country), is making a comeback to prey on a new generation of computer users.
The macros primarily relied on Word documents that were attached to emails as the mechanism for infection. That’s because Word macros are built to execute a lot of different functions in a single command. Where the user might only be executing “open this document,” the macros were also dumping malware installers at the same time. The recipient opens the attachment under the guise of say, an overdue invoice, then the installation is triggered from the gibberish in the document.
But it turns out you can teach an old dog a few new tricks. This old-school mechanism comes with a 21st century facelift in that it contains a new packet of malicious software directly in the Word doc itself. If the macros don’t get you, the document will. That’s why the old warnings are still in effect: never download anything that comes in an email or message, unless you were specifically expecting it or can trust the sender email.
Fortunately, Microsoft has enabled some security features since the old days, and they specifically allow users to disable all macros coming in from internet sources. It’s annoying in its own way, since you have to re-enable them if needed. But with the sophistication now that allows these viruses to bypass typical security protocols, it’s an added layer of protection in an era of record-setting numbers of data breaches.