Fake “Scan from a HP OfficeJet” email lead to malware

Posted by | February 28, 2012 | Uncategorized | No Comments

A hot topic of the end of the month is the Fake “Scan from a HP OfficeJet” email lead to malware

In the last few weeks there has benn notifications going around about documents having been scanned and sent via a HP OfficeJet printer/scanner that are trying to mislead users again and trick them to open the attached HTML files:

Fake "Scan from a HP OfficeJet" email lead to malware

This campaign is very spread, but the subject lines and the content of the emails, and also the name of the attached file, are continuously changed a little so that they can bypass spam filters.

The attached HTML files of the Fake “Scan from a HP OfficeJet” email lead to malware carry a malicious script that forces the victims’ browser to visit third-party sites likely laden with exploit code and/or malware.

“Attacks which cloak their true intentions by posing as a emailed scan from a printer are nothing new, and in the past have helped cybercriminals infect computers with Java and Adobe exploits,”points out Graham Clueley. “Computer users need to learn to be wary of unsolicited attachments, and not blindly click on something just because it pretends to be an official communication.”

The Fake “Scan from a HP OfficeJet” email lead to malware is only a small bit of the attacks that are currently roaming online.

About Network Security

At SecurityNet.org we believe each of us plays an important role in network security, and data protection. The articles on this site were written to keep each of us informed on the ever changing security scene so that we might stay one step ahead of those who would compromise our systems. If you have an article that you feel our visitors would benefit from please submit it via the contact form, or via email and we will publish it in the next available slot.

Warning: file_put_contents(): Only 0 of 56102 bytes written, possibly out of free disk space in /home/security/public_html/wp-content/advanced-cache.php on line 957

Fatal error: Uncaught exception 'Exception' with message 'Quick Cache: failed to write cache file for: `/fake-scan-from-a-hp-officejet-email-lead-to-malware/`; possible permissions issue (or race condition), please check your cache directory: `/home/security/public_html/wp-content/cache/quick-cache/cache`.' in /home/security/public_html/wp-content/advanced-cache.php:965 Stack trace: #0 [internal function]: quick_cache\advanced_cache->output_buffer_callback_handler('<!doctype html>...', 9) #1 /home/security/public_html/wp-includes/functions.php(3282): ob_end_flush() #2 [internal function]: wp_ob_end_flush_all('') #3 /home/security/public_html/wp-includes/plugin.php(496): call_user_func_array('wp_ob_end_flush...', Array) #4 /home/security/public_html/wp-includes/load.php(613): do_action('shutdown') #5 [internal function]: shutdown_action_hook() #6 {main} thrown in /home/security/public_html/wp-content/advanced-cache.php on line 965