Do you receive MS Office files from clients or other agencies via email or download? If these files contain macros, Microsoft will disable these macros by default. But why does Microsoft disable macros as standard?
What are macros and why disable macros?
Macros can add a lot of functionality to Office files however people with bad intentions also often use them to spread malware. They are not required for everyday use, such as reading or editing a document in Word or Excel files. In most cases, you can do everything you need to do in Office without using macros.
What are files from the internet?
Files from the internet are, for example, files downloaded from a website or files you receive via email. Files you share with your colleagues are not classed as files from the internet and will not be treated as suspicious.
Should I allow macros?
Do you want to allow the macros anyway? First ask yourself the following questions:
Do I expect to receive a file containing macros?
Never open an unexpected file attachment, even if it comes from someone you trust. In a phishing attack, it seems that the mail comes from a person or organisation that you trust. This is an attempt to get you to open the file.
Am I encouraged to set up content by a stranger?
A common tactic by attackers is to create a pretext, such as cancelling an order or having you read a legal document. They let you download a document and trick you into running macros. No legitimate company will let you open an Excel file to cancel an order, and you don’t need macros to read a document in Word either.
Am I encouraged to enable content via a pop-up message?
If you downloaded the file from a website, you may see pop-ups or other messages encouraging you to enable active content. These are common attacker tactics. These tactics should ring alarm bells. Is this file really safe?
If a file downloaded from the internet wants you to allow macros and you’re not sure what they do, you should probably just delete that file. In other words, when in doubt, don’t allow macros.
What if you do want to allow macros
If you are very sure that your document is safe, there is a workaround available that allows you to unblock the macros.
Save the file and navigate to it through the explorer. Right click on it and select ‘properties’.
At the bottom of the first tab you will see the heading ‘security’. Check the ‘unblock’ box and click on ‘OK’. Now the macros are enabled in this document. Again be very careful and make sure that the document is safe!
Tech-Wales Cyber Security
As stated it is more and more difficult to find qualified staff. Tech-Wales can be your IT partner to provide your business with all the IT expertise including cyber security. We also provide fast and reliable business IT consultancy and cloud computing services to provide the complete IT package for your business. Do not hesitate and contact us today to discuss.