Microsoft has reported an increase in malware spreading through the use of Microsoft Office macros, an automated set of computer instructions.
Efforts by the software vendor to disable macros unless authorised by the user are also being overturned by hackers that trick users to enable them, allowing malicious code to run.
"Two recent macro downloaders that we have seen spreading through spam email campaigns are TrojanDownloader:W97M/Adnel and TrojanDownloader:O97M/Tarbir," Microsoft said.
"These recent campaigns are one example of an increasing trend of macro malware targeting home users and enterprise customers. These threats predominantly target our customers in the US and UK."
The firm added that spam emails are being used to spread the viruses, disguising themselves with subject lines concerning payments, receipts, invoices and other things related to money.
The macro malware is also serving as a gateway to spread further infection, opening the door to other viruses infecting a system.
"The combination of the instructional document, spam email with supposed monetary content, and a seemingly relevant file name, can be enough to convince an unsuspecting user to click the Enable Content button," Microsoft said.
"When they do, the macro executes and downloads its payload, which is to download other malware, including TrojanDownloader:Win32/Drixed.B."