Users are the target of fake notifications about a scanned document, but instead of attaching a malicious file to the email, attackers are including a link to a site serving malware.
The email’s headers make it look like the message came from a printer inside the victim’s enterprise. In this case the attackers chose the HP brand, but they could have chosen any of the other leading printer brands.
In this particular case, clicking on the link leads unsuspecting computer users to a Russian webpage.
This type of malicious spam constantly goes through a rotation with cyber criminals, said Graham Cluley, a senior technology consultant at Sophos. If the victim is at work going about his or her job, there is a high possibility that you will open the email and click on the link/download the attachment without thinking twice about it.
“If you work in a business environment, you might well be used to receiving dull-looking emails from printers and scanners in your workplace containing attachments of the scan that the device has just completed,” Cluley said. “And that’s precisely the disguise that malicious hackers can use to infect your computer with a Trojan horse.”