What is a typical feature of malicious attachments?

Malicious attachments commonly rely on embedded macros to run code and pull in malware. A macro is a small script stored inside a document (such as a Word or Excel file) that can execute when the user enables macros. Attackers exploit this by delivering a seemingly legitimate file; when macros are enabled, the code can silently contact a remote server and download or install malware, giving the attacker a foothold. This delivery method is prevalent because it leverages normal document functionality and can bypass simple checks that look for obvious executables. Other options aren’t as representative: attachments aren’t limited to executable files, macros can exist in various document formats, and while social engineering can help, it isn’t a universal requirement for macro-based attacks.