A new twist in the tale as old as…computers. Cyber-criminals are now impersonating network printers in an attempt to spread malware as attachments that appear to be coming from the network printer. In this article we’ll learn how to protect your business from Network Printer Phishing Scams.

Researchers first witnessed the initial attack in late November 2017 and said the attachment provides the attackers with the ability to initiate covert surveillance or gain unauthorized access to a victim PC  backdoor into the victim PC according to a Dec. 21 blog post. The attacks impersonate Cannon, HP, and Epson brand printers/scanner devices to gain the user’s trust.

“Receiving a PDF attachment in an email sent by a printer is so commonplace that many users assume the document is completely safe,” researchers said in the blog. “From a social engineering perspective, this is exactly the response that the cybercriminals want.”

PDF files are the most common type of file used, as they can be weaponized to deliver active contents which can be harmful to users because they are more likely to assume they are safe considering the source, researchers added.

What can you do to avoid Network Printer Phishing Scams?

The best way to protect against this type of scam is to ensure users have training and awareness of advance threat protections.

Making sure everyone in your organization is familiar with what a REAL email from your machine looks like is the first step

[cz_stylish_list id=”cz_110961″ items=”%5B%7B%22title%22%3A%22Take%20note%20of%20the%20email%20subject.%22%2C%22subtitle%22%3A%22You%20may%20find%20it%20a%20good%20idea%20to%20implement%20a%20designated%20subject%20that%20everyone%20inputs%20before%20scanning%20a%20document.%20The%20scam%20emails%20subject%20read%20something%20like%20%E2%80%9CScanned%20from%20HP%E2%80%9D%2C%20%E2%80%9CScanned%20from%20Epson%E2%80%9D%2C%20or%20%E2%80%9CScanned%20from%20Canon.%E2%80%9D%20If%20the%20subject%20doesn’t%20match%20what%20users%20are%20expecting%2C%20they%20can%20immediately%20delete%20the%20email.%22%2C%22icon%22%3A%22fa%20czico-074-tick-inside-circle%22%7D%2C%7B%22title%22%3A%22Notice%20the%20email%20address%20the%20machine%20normally%20uses%20to%20send%20documents.%20%22%2C%22subtitle%22%3A%22Researchers%20recommend%20that%20users%20double%20check%20with%20the%20sender%20if%20they%20receive%20unexpected%20files%20or%20delete%20them%2C%20hover%20the%20mouse%20over%20hyperlinks%20to%20ensure%20they%20look%20legitimate%20and%20not%20click%20anything%20suspicious.%22%2C%22icon%22%3A%22fa%20czico-074-tick-inside-circle%22%7D%2C%7B%22title%22%3A%22Customize%20Subject%20Lines%22%2C%22subtitle%22%3A%22We%20also%20recommend%20changing%20the%20name%20of%20the%20attachment%20on%20the%20machine%20to%20something%20specific%20and%20descriptive%20before%20sending%20a%20document.%20This%20way%20there%20is%20no%20confusion%20as%20to%20what%20the%20recipient%20is%20receiving%20before%20they%20open%20it.%22%2C%22icon%22%3A%22fa%20czico-074-tick-inside-circle%22%7D%2C%7B%22title%22%3A%22Learn%20About%20Security%22%2C%22subtitle%22%3A%22Read%20through%20the%20Security%20White%20Paper%20for%20your%20machines.%20Contact%20your%20rep%20if%20you’re%20worried%20about%20a%20threat%20and%20they%20can%20send%20you%20a%20copy%20and%20even%20walk%20you%20through%20how%20to%20implement%20these%20precautions.%22%2C%22icon%22%3A%22fa%20czico-074-tick-inside-circle%22%7D%5D” sk_icons=”color:#e7323b;”][cz_gap id=”cz_94658″]