Macro-based malware and ransomware: Malicious macros are a common vector for malware and ransomware. Once executed, they can propagate quickly, compromising not just the initial document but also templates and other files on the system.
Bypassing security controls: Attackers use macros to bypass security mechanisms, allowing unauthorized access to systems and networks. This can lead to data theft, espionage, or destruction of sensitive information.
Phishing and social engineering: Malicious macros are frequently spread through phishing emails. Users may be tricked into enabling macros, believing the document is legitimate, which triggers the malicious code.