Microsoft Office has been the world’s most popular productivity app for many years. Word, Excel, PowerPoint and Outlook are instantly recognisable tools that we use at work and home.
Unfortunately, this popularity makes Office a magnet for cybercriminals who regularly create new ways to exploit the software to steal personal data. The good news is that there are some ways to reduce the risk of falling victim to the hackers.
Disable macros
Microsoft Office 365 is called a ‘productivity suite’ because the included applications – Word, Excel, PowerPoint, Outlook etc – are designed to help you be more productive. For this reason, MS Office includes a handy feature called ‘macros’.
Macros can be used to automate common tasks; if you have to regularly update a spreadsheet with some specific information or you want to create a letter from a template quickly, macros can help. By recording a macro, Office will automatically complete a repeated task so you don’t have to do anything. The macro is embedded in your file, so you can share it with friends and colleagues to help them be more productive too.
The problem is that macros can be hijacked by scammers who use them to download and install malware onto a victim’s computer. If you don’t use macros you should always disable them in your Office settings – that way you won’t be caught out if someone sends you an infected document.
Check out Microsoft’s step-by-step instructions for disabling macros.
Enable Two-step Authentication
Passwords are still one of the weakest aspects of IT security; if a hacker can steal or guess your password, they can access files stored your OneDrive cloud storage, or even read your Outlook email.
To make things harder for hackers, Microsoft offers ‘two-step verification’. When enabled on your Office 365 account, you will need to supply an additional code (as well as your email address and password) to log in.
This code will be sent as a text message to your phone and changes every time you log in. Unless the criminals have also stolen your phone, they can’t get past this second step. Alternatively, you can use the Microsoft Authenticator app; instead of a code sent by SMS, you are prompted to approve the login using an app installed on your smartphone.
Check out Microsoft’s video on how to enable Office 365 two-step verification.
Backup your data
Cloud storage has been incredibly helpful; by saving files to the cloud, they are far less likely to be lost if something goes wrong with your computer for instance.
If hackers manage to break into your Office 365 account, they can steal – or delete – the files stored in your OneDrive webspace. This makes OneDrive a useful copy of your data, but you cannot rely on it as your only backup.
To properly protect yourself you must keep another backup too. Fortunately, Windows PCs and Apple Macs have free backup software built-in – you just need an external hard drive to plug into your computer. If something goes wrong with your OneDrive storage, you can restore the missing data from your backup.
To learn more:
Covering the basics – install malware
Finally, make sure you have effective antimalware installed on your computer. Panda Dome can automatically detect malicious macros hidden in your Office documents warning you before they can cause any harm. Similarly, antimalware will alert you to infected Outlook email attachments so you can delete them to protect yourself.
You can download a free trial of Panda Dome antimalware.
Stay safe, stay productive
These simple tips will go a long way towards protecting yourself again Office 365 hackers. If you have run into problems and need some free advice, contact our Panda Total Care team for assistance.