Microsoft Office: Macros & Enabled Content

Overview

Be wary of Microsoft Office documents containing macros. Macros are small bits of programming used to automate tasks that can also be used for spreading viruses and malware. Anti-virus programs cannot always catch all malicious macros. Opening an infected document can infect your machine, so it's important to take precautions.

What You Can Do

• Check with the sender. Email sending addresses can be forged. If you were not expecting an email attachment or shared doc from the sender, check with them in person, or via phone or text before opening it. Ask them if they sent it. 
• Do not enable macros or content. If you are prompted to enable macros or enable content when you open a document, do not do it unless you have checked with the document owner/sender and feel assured that the document is trustworthy. Ask them if macros need to be enabled and why.
• Look at the URL/address. Hover over links in emails with your mouse to reveal the actual URL or web address. Does the URL look familiar? Is the document-sharing site an NCU service that you recognize? If it seems suspicious, don't click.
• Do not open or download a document from an unfamiliar sender. Always look at the "from" field and the reply to (if there is one). 
  • Even if the email appears to come from a legitimate address; if you have any suspicions about the nature of the email or document, check with the person or organization to make sure the document or email is legitimate.
• Do not open or download a document shared or stored on a system or service you are unfamiliar with, and be cautious even if the storage is familiar.
• Preview the doc in Google Drive. It is reasonably safe to save an Office doc to Google Drive and use the preview feature of Google Drive to view it. This might help determine if the doc is legit or a scam.