Over a decade ago hackers used macro’s programmed into Microsoft Word, Excel and Powerpoint files to silently install malware onto any computer that opened the file, once this became mainstream Microsoft strengthened security on its office suite and there was a dramatic drop in macro based attacks but it seems hackers have started using this method again. The latest malware discovered is called Dirdex and once you accept macros onto your machine, Dirdex is silently downloaded and installed in the background without your knowledge and then sits and waits, monitoring your internet browsing until you navigate to a set list of banks websites.
Once there Dirdex will add additional HTML fields into the pages code and ask for things like social security numbers and the like.
Avoiding unknown emails as the macro infected documents are buried inside spam emails, which are sent from Vietnam, India, Taiwan, South Korea and China while The U.S. , UK and Australia are the top three infected countries. The safest bet is to keep macros turned off when prompted and if in doubt ask the author of the document if it is required to properly view it.