Macro Virus - What it is, how it spreads, and how to block it safely

Macro Virus

What it is

A macro virus hides inside Office files like Word documents or Excel spreadsheets and runs tiny programs called macros when you open the file. Criminals use it to download more malware or steal data. For background and safe settings, see our macro attack explainer.

How it spreads - quick tour

  • Phishing emails with “urgent” invoices or resumes

  • Downloads that ask you to Enable Content or Enable Macros

  • Malicious templates or add-ins that auto-load

What you may notice

  • Office prompts to enable macros on a file from email or the web

  • Brief command windows flashing, odd network traffic

  • Documents that lock, crash, or show scrambled content

Remove it now

  1. Close the document and don’t enable macros.

  2. Run a full anti-malware scan, reboot, then scan again.

  3. In Office, check and remove unknown add-ins/templates.

  4. From a clean device, change passwords if sensitive files were opened.

Prevent it

  • Keep the default: Block macros from the internet in Office.

  • Open unknown docs in Protected View or online preview.

  • Verify invoices and attachments out of band before opening.

  • Use reputable email and web filtering plus EDR/anti-malware.

  • Store trusted templates centrally and train staff to never enable macros unless required.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Multipartite Virus

        What it is A multipartite virus is malware that attacks more than one place at once - for example the boot sector and your files. That dual foothold helps it spread faster and makes cleanups tricky, since removing one part can leave the other hiding. ...

      • File-infecting Virus

        What it is A file-infecting virus hides inside legit programs (like .exe or .dll). When you run the program, the virus runs too - then copies itself into other executables, spreading across the PC and sometimes network drives or USBs. What you may ...

      • Computer Virus

        What it is A computer virus is malware that copies itself into other files and programs—so every infected file can spread the infection again. That’s why outbreaks snowball. Viruses can slow your PC, break apps, or hide other threats. See our ...

      • Phishing

        What it is Phishing is a scam where someone pretends to be a trusted person or service to trick you into giving up passwords, card numbers, or other sensitive data. It shows up in email, texts, social DMs, and look-alike websites. For a quick ...

      • Malware

        What it is Malware is any software made to harm your device or data. It can steal passwords, lock your files, spy on activity, or hijack your browser. For a quick primer and examples, see our malware explainer. How it spreads Phishing emails and fake ...