Be wary of Microsoft Office documents containing macros. Macros are small bits of programming used to automate tasks that can also be used for spreading viruses and malware. Anti-virus programs cannot always catch all malicious macros. Opening an infected document can infect your machine, so it's important to take precautions.
How Infected Docs Spread
You might receive an infected Office document:
- Shared as a download link in email **
- As an email attachment **
- Shared on cloud services such as OneDrive and Dropbox.
What You Can Do
- Check with the sender. Email sending addresses can be forged. If you were not expecting an email attachment or shared doc from the sender, check with them in person, or via phone or text before opening it. Ask them if they sent it.
- Do not enable macros or content. If you are prompted to enable macros or enable content when you open a document, do not do it unless you have checked with the document owner/sender and feel assured that that the document is trustworthy. Ask them if macros need to be enabled and why.
- Look at the URL/address. Hover over links in emails with your mouse to reveal the actual URL or web address. Does the URL look familiar? Is the document-sharing site a service that you recognize? If it seems suspicious, don't click.
- Do not open or download a document from an unfamiliar sender. Always look at the "from" field and the "reply to (if there is one).
- Do not open or download a document shared or stored on a system or service you are unfamiliar with, and be cautious even if the storage is familiar.
- Preview the doc in Google Drive. It is reasonably safe to save an Office doc to Google Drive and use the preview feature of Google Drive to view it. This might help determine if the doc is legit or a scam.