Following These 6 Tips Will Help You Avoid a Macro Phishing Attack

Protecting Your Small Business from Macro-Based Malware

Some of the cybersecurity threats small businesses face lurk in the emails employees open everyday. One of the most dangerous forms is called phishing, in which malicious viruses hide in otherwise innocent attachments. That was the case with the recent DocuSign macro attack.

In the DocuSign hack, emails spoofed the company brand and tricked unsuspecting people into opening an infected Word document. Macros are automation codes used in Word documents and Excel spreadsheets in Microsoft Office. In some of these phishing attacks, a file is sent prompting users to open these macros, which contain the malware.

So the question becomes, what can small businesses do to avoid falling victims to these attacks? Small Business Trends talked with Mike Van Pelt, threat analysis engineer at the Barracuda Networks in San Francisco. He supplied some valuable tips on the subject.

Protecting Your Small Business from Macro-Based Malware

Leave Macros Alone

The biggest tip to make sure you don’t run into any security issues through macros is don’t enable them.

“If you don’t need to use them, you should definitely have them turned off,” Van Pelt says. “That’s the major way these viruses get in through office documents.”

If you have a systems administrator, they should set a policy about not enabling macros. Van Pelt says this is likely the way other infamous Ransomware viruses like WannaCry got into networks.

Keep in mind that by default, these macros aren’t tuned on usually and need to be enabled. However, there are situations where these are enabled by default in some Microsoft products. These are especially dangerous and need to be carefully managed.

Watch Those Order Forums!

For example, there can be macros on common spreadsheets or order forums that use features like drop down menus.

“Those are a lot safer if used internally but I have seen this type of thing being used in emails,” Van Pelt says. He discourages the use of any features like these that can leave you vulnerable.

Here’s quick fix for those DYI’ers. All you need to do to start is click the Microsoft Office button. Then go to Excel which will lead you to the Trust Center and the Macro Settings. You can disable the macros from there.

Watch for Trouble with Word?

There can even be the same macros present in Word documents. Open one that’s infected and your entire business could be affected. The quick fix here is the same as for the spreadsheets.

Do Employee Training

In a recently published blog post, Van Pelt suggests that making employees aware of the threats is critical. He even posts an example of what one of these emails looks like.

Get Anti-Phishing Protection

Of course there are always those wearing black hats trying to get you to open emails with phoney addresses. However, anti-phishing protection is developed by the good folks wearing the white versions. Spoofed email addresses get lassoed and there is even domain validation included with most of these products.

Uncover Those Email Imposters

Cyber criminals are getting better and better at impersonating the style, tone and even appearance of emails from your coworkers and colleagues. Open the wrong one, and you can infect your company with a virus that can cripple operations.

“These are usually very simple,” Van Pelt says. “Something like, ‘Hey Bob, this is Ray, here’s an invoice that needs to be paid.’”

Usually these criminals aren’t very bright. Misspelled words can tip you off and things like orders from suppliers you don’t normally use should raise red flags.

Final Thoughts

Van Pelt cautions all small businesses to stay vigilant.

“These criminals are constantly coming up with new versions and some of them actually look like a Microsoft document of some kind.”

Phishing Photo via Shutterstock

This article, “Following These 6 Tips Will Help You Avoid a Macro Phishing Attack” was first published on Small Business Trends

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s