How hackers trick you to open infected documents

Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

Here’s how to avoid the tricks hackers use to infect your computer via Office documents.

Microsoft has added features to Office that should make it harder to infect your computer via a Word, Excel or PowerPoint document.  So hackers have found ways to trick people into bypassing those warnings and enable the viruses in the document.

When you open an .rtf (Rich Text) or .doc document that arrived via email, Word it opens in Protected View.

how hackers trick you to open infected documents 9375 - How hackers trick you to open infected documents

That lets you read the document without enabling any nasties.

If it’s a .docm .xlsm or .pptm file type (with macros included) then there’s yet another warning, assuming you have the default setting of macros disabled.

how hackers trick you to open infected documents 9377 - How hackers trick you to open infected documents

Hackers want you to click on the ‘Enable Editing’ button to unleash their code on your computer.

They do that with some message, either in the email or at the top of the document with some vaguely plausible excuse to explain why it’s essential to click on the ‘Enable Editing’ or ‘Enable Content’ button.

Here’s some examples:

“Click on Enable Content in Word to completely view this receipt”

“Enable VBA macros in Excel as a security measure”  — this sounds ridiculous to regular Office users, but it works!

Maybe something unexpected, even a little shocking like a Fake Witness Subpoena.

The emails are usually deliberately vague, enticing you to open the attachment to find out more.  A fake invoice message will lack important details (amount or reason for the bill) so you’re curious or worried enough to forget caution and open the document.

Very occasionally spammers get extra details like your street address to make the infected message seem more plausible.

Outlook has an attachment preview option that’s is all you need to safely view most attachments.  Just click/tap on the attachment or right-click and choose ‘Preview’.

how hackers trick you to open infected documents 9379 - How hackers trick you to open infected documents

subs profile e1563205311409 - How hackers trick you to open infected documents
Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address