Get Started Book a Demo

Macro Virus

2nd December 2020 | Cybrary Macro Virus


macro virus

A Macro Virus is a virus that adds its code to the macros embedded within documents, spreadsheets, and other data files. The first macro virus appeared in July of 1995 infecting a Word document. This rapidly became the dominant type of virus until the turn of the century, when Microsoft disabled macros by default in Office 2000 and later. Since then, cybercriminals using macro viruses have had to trick users into enabling macros for their infections to take place.

Macro viruses are embedded in Word documents, PowerPoint and Excel files, or even Microsoft database files. They’re often attached to emails, downloaded from fake download websites visited via phishing links or click bait news articles. They are difficult to detect, as they do not activate until an infected macro is run, at which time they perform their damage. 

Macro viruses are similar to a Trojan horse since they appear harmless and come with interesting packaging (salaries.xlsm, Calamity_Images.pptm). Notice the “M” in the extension.  Microsoft created unique file extensions to signal the presence of a Macro enabled file.  This also allows cybersecurity professionals, engineers, and vCISO’s to filter out “M” extension file types from email attachments.  Commonly filtered extensions for Microsoft Macro enabled viruses include:

Microsoft Files with Macros .docm, .dotm, .xlsm, .xltm, .xlam, .pptm, .potm, .ppam, .ppsm, .sldm

Unlike Trojans, macro viruses can replicate themselves and infect other computer files like a worm

Source: Kaspersky

Related Terms: Melissa Virus, Memory-Resident Virus, Morris Worm

What does this mean for an SMB?

To avoid macro-based viruses take these three steps:

  1. educate employees on the risks of macro-enabled files;
  2. filter file attachments in your email security system (if possible); and
  3. always deploy endpoint security solutions that can detect and remove macro and other viruses.

Schedule regular scans of your computers to clean infected documents.
 
Businesses might consider adding Anti-Malware products alongside Anti-Virus software on their systems. Defense-in-Depth is the name of the game when it comes to securing your organization.  Become more Aware to Become more Secure.

To learn more about Macro Viruses, watch this short 2 minute video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Why Your Clients’ Routers Are Now a National Security Conversation
19th May 2026 | Blog

Why Your Clients’ Routers Are Now a National Security Conversation

You now have five important reasons to start a router security conversation with your small business clients this...

Read more
Your Employees Connected 47 Apps to Google Last Year. Can You Name One of Them?
12th May 2026 | Blog

Your Employees Connected 47 Apps to Google Last Year. Can You Name One of Them?

OAuth tokens don't expire when employees leave, passwords change, or apps go rogue. Your security program needs...

Read more
Attackers Don’t Need a Key. They Already Have Yours.
5th May 2026 | Blog

Attackers Don’t Need a Key. They Already Have Yours.

Most breaches don't start with a hacker in a hoodie cracking code at 3am. They start with your username and a...

Read more
Get Started All Posts