Spreadsheet Macros

Scammers send out huge volumes of emails containing malware attachments and they try to get the recipients to open those attachments. Some of these contain programming code which activates as the file is opened, so this can be dangerous

You can avoid attachments that are actually programmes, but spreadsheets are very useful for financial documents e.g. invoices and statements.

Microsoft Excel spreadsheets usually have the file extension .xls but ones that contain macros are usually .xlsm

Macros are Excel programming code and can contain malware so you need to be beware of these.

e.g. an email claiming to be from Bank of America with a confirmation notice in the format of a spreadsheet with macros i.e. .xlsm format.

Some email systems will automatically turn off automatic macro activation and some anti malware services will do this, but best to be sure by not opening the attached file, however much you may want to know what’s in it.

One particularly nasty phishing campaign used spreadsheets with macros to install a remote access trojan  on the computer’s system. This trojan is known as Grace Wire or Flawed Grace.

That software then steals information from the system and sends it back to the scammer. The attachment also contained malware downloaders that install Dridex and Trick banking trojans.

Do not open attached files unless you are certain they are safe.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.