How attackers use Microsoft Office

Protecting a Microsoft Word, Excel, or other Office file with a password encrypts the contents of the file. This prevents opening the file without the password or viewing its contents directly. It also prevents security tools from scanning the file for viruses or malicious code.

Attackers take advantage of this by sending password-protected documents to sneak malware past our email security software. If you receive a password-protected file that you were not expecting, proceed with caution! Assume the file could contain malware, and ask for help if you’re not sure how to stay safe.

Macros allow you to run scripts or code within a Microsoft Office document. Sometimes this code is expected and required for a document or spreadsheet to display correctly, but other times this code is malicious and will attempt to install a virus or malicious software on your computer. If a document contains a macro, you will see a security warning and ‘Enable Content’ button:

Clicking the button allows the embedded code to run, so only click if you know the document is safe and that macros are expected and required. If you have any doubt, contact the person who sent the document or phone Computer Help NI for advice.