Don’t Run Another Phish Test Until You Read This
Get Started Book a Demo

Macro Virus

2nd December 2020 | Cybrary Macro Virus


macro virus

A Macro Virus is a virus that adds its code to the macros embedded within documents, spreadsheets, and other data files. The first macro virus appeared in July of 1995 infecting a Word document. This rapidly became the dominant type of virus until the turn of the century, when Microsoft disabled macros by default in Office 2000 and later. Since then, cybercriminals using macro viruses have had to trick users into enabling macros for their infections to take place.

Macro viruses are embedded in Word documents, PowerPoint and Excel files, or even Microsoft database files. They’re often attached to emails, downloaded from fake download websites visited via phishing links or click bait news articles. They are difficult to detect, as they do not activate until an infected macro is run, at which time they perform their damage. 

Macro viruses are similar to a Trojan horse since they appear harmless and come with interesting packaging (salaries.xlsm, Calamity_Images.pptm). Notice the “M” in the extension.  Microsoft created unique file extensions to signal the presence of a Macro enabled file.  This also allows cybersecurity professionals, engineers, and vCISO’s to filter out “M” extension file types from email attachments.  Commonly filtered extensions for Microsoft Macro enabled viruses include:

Microsoft Files with Macros .docm, .dotm, .xlsm, .xltm, .xlam, .pptm, .potm, .ppam, .ppsm, .sldm

Unlike Trojans, macro viruses can replicate themselves and infect other computer files like a worm

Source: Kaspersky

Related Terms: Melissa Virus, Memory-Resident Virus, Morris Worm

What does this mean for an SMB?

To avoid macro-based viruses take these three steps:

  1. educate employees on the risks of macro-enabled files;
  2. filter file attachments in your email security system (if possible); and
  3. always deploy endpoint security solutions that can detect and remove macro and other viruses.

Schedule regular scans of your computers to clean infected documents.
 
Businesses might consider adding Anti-Malware products alongside Anti-Virus software on their systems. Defense-in-Depth is the name of the game when it comes to securing your organization.  Become more Aware to Become more Secure.

To learn more about Macro Viruses, watch this short 2 minute video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Top 10 Emerging AI-Based Threats Every Business Must Prepare For
26th August 2025 | Blog

Top 10 Emerging AI-Based Threats Every Business Must Prepare For

Artificial Intelligence (AI) is transforming productivity and efficiency, but it’s also arming cybercriminals...

Read more
Microsoft Rolling Out Token Protection: Practical Guidance for MSPs
21st August 2025 | Blog

Microsoft Rolling Out Token Protection: Practical Guidance for MSPs

Part 2 of Our Microsoft Entra Security Series In Part 1, we explored how Microsoft’s Token Protection...

Read more
Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change
12th August 2025 | Blog

Why Traditional Phishing Tests Fail — And How the Latest Research Proves It’s Time for a Change

For years, organizations have relied on fake email phishing simulations to measure employee resilience to...

Read more
Get Started All Posts