Microsoft Office VBA macro viruses were a pretty powerful exploit back in the 1990’s, but security changes by Microsoft and other security software vendors had pretty much made them moot by 2000. Surprisingly enough malware writes are giving them a new life by tricking users into disabling macro protection. Here is how it works:
VBA or Visual Basic for Applications is a software language created by Microsoft to allow advanced users to write bits of code called “macros.” Macros allow a document created in Word, Excel or other Office applications to contain little bits of software code that turn a DOCUMENT into a light weight APPLICATION, which can allow the document to do some pretty cool and amazing things for the creator of the document. Or it allows a document, like a Word or Excel file, to carry a hidden payload of malware. Sent as an attachment to a spam, phishing, or spearphishing email, if the macro is enabled, it will quietly begin to install the malware application without any further notice to the recipient. What is different this time, is the recipient has to allow the macros to run. What the scammers do, is tell you that the macro warning is a special form of security and enabling it will allow you to read the entire message, some of which has been obscured. If you receive an email with a Word, Excel, or other Office document attachment,and it requires that you enable macros, the chances are that you are about to be attacked.
My rule of thumb is NEVER open an attachment unless you are expecting it, you know who it is from, and you know why they sent it. There is nothing wrong with replying to or calling the sender to confirm the authenticity of the email and attachment.
When in doubt, you can upload the file attachment to the VirusTotal website to have it verified.