Spoofed emails purportedly coming from HP, Canon, and Epson network printer-scanner devices are attempting to infect millions of users with malicious attachments, according to Barracuda.
The attempts began in late November with the attackers sending bogus emails that read "Scanned from HP," "Scanned from Epson," or "Scanned from Canon," in the subject line, Barracuda researchers note in a blog. The attackers use PDF files to carry their malicious payload, because employees will typically send a PDF file from a network printer to their co-workers, Barracuda notes.
Attackers have attempted to avoid detection by modifying file names and extensions from within the traditional file archive. This allows the attackers to hide the malware inside the archive and imitate a .jpg, .txt, or other file format.
Once the attachment is opened, the attackers can gain remote access to users' computers and check for network-connected systems.
Read more about the spoofed network printer-scanner campaign here.