Get access to hundreds of financial resources as an RFP INSIDER

Learn More

Resourceful Finance Pro

Threat alert: New malware attacks from Excel files

Brian Bingaman
By: Brian Bingaman

About the Author

Brian researches and writes about accounts payable and CFO management trends. He was a newspaper journalist in suburban Philadelphia for nearly 20 years.

Show Less
Last Updated: October 25, 2023
1 minute engagement
AI Fraud

Got an Excel attachment in your email? Double-check it before downloading – it could be infected with malware.

In its 2021 Q4 Threat Insights Report, HP’s Wolf Security service detected a dramatic 588% surge in computer and network malware infections involving Excel add-in files that end in .XLL.

Double-clicking these attachments or links opens Excel, which then prompts the user to install and activate the add-in. These particular malware attacks don’t require the user to exit Excel’s Protected View and enable macros.

Prevent Excel malware sneak attacks

The HP Wolf Security report offered three different options for organizations to protect themselves from .XLL malware attacks:

  1. Have IT configure your firm’s email gateway to block inbound messages that have .XLL attachments. Some email gateways already do this because .XLL files are dynamic link libraries, a type of file not typically sent by email.
  2. Configure Excel to allow only add-ins from trusted publishers. From the File menu, click on Options, then select Trust Center and click on the Trust Center Settings box to the right. Trusted publishers, locations, documents and add-in catalogs are the top options in the Trust Center menu.
  3. Configure Excel to disable all proprietary add-ins. This can be done under “Add-Ins” in the Excel Trust Center Settings.
Filed under

Free Training & Resources

White Papers

From Surviving to Thriving: Transforming Nonprofit FinanceStrategy

Webinars

Powerful Excel Visuals Without Charts

White Papers

Navigating Complexity: Financial Close Strategies for Diversified Enterprises

White Papers

Consolidation 3.0: The future of finance is here

Resources

Further Reading

Tech CEO Off to Jail for Cooking the Books

The wave of tech fraudsters landing in the slammer rolls on. Elizabeth Holmes of Theranos infamy, crypto hustler Sam Bankman-Fried … ...

How did this billion-dollar company not notice a finance staffer was robbing it blind?

The most common reason companies get ripped off by dishonest employees? Lack of oversight. The Jacksonville Jaguars football franchise i...

Securities Fraud Plaintiffs Win Right to Jury Trial

The Securities and Exchange Commission (SEC) can no longer deny a party charged with securities fraud to a jury trial in a federal court. ...

$90M Payroll Tax Fraud Allegations Expose Staffing Vendor Oversight Risks

Client companies thought they were outsourcing payroll and HR compliance to a vendor. But the tax exposure never really left their books. ...

The Employee Most Likely to Commit Expense Fraud – and Why It’s Getting Worse

Finance teams have always known expense fraud is a problem. What’s changed is the scale, the motivation, and the profile of who’...

FBI is Going Full Guns on Price-Fixing

Is there a single business in the U.S. that’s resisted raising prices since early 2020? Good luck finding one. But there’s a fi...

Privacy Policy | Terms of Service
Copyright© 2026 Rover Insights
preloader