Has your Hewlett-Packard ScanJet printer just tried to infect your PC with malware?

HP ScanJet printerComputer users are being warned to be on their guard, after cybercriminals spammed out an attack posing as emails from Hewlett-Packard ScanJet printers.

If you work in a business environment, you might well be used to receiving dull-looking emails from printers and scanners in your workplace containing attachments of the scan that the device has just completed.

And that’s precisely the disguise that malicious hackers can use to infect your computer with a Trojan horse.

We’ve talked about these type of attacks several times before, but in the past the danger has typically arrived in the form of an email attachment posing as, say, a PDF of the scan.

Sign up to our free newsletter.
Security news, advice, and tips.

In this latest attack, users are tricked into clicking on a link in the message which redirects users to a website harbouring malware.

Example of malicious email

In this particular case, clicking on the link leads unsuspecting computer users to a Russian webpage. Sophos products block the dangerous page as Mal/ExpJS-N.

Of course, these particular emails do not come from a printer inside your enterprise – their headers have been forged to appear as if they have come from inside your organisation.

And, of course, this isn’t HP’s fault. There isn’t really anything they can do to stop online scammers and criminals ‘borrowing their brand’ in this way.

As always, be very careful dealing with unsolicited emails and wary of clicking on unknown links – even if you do think at first that they could have been sent to you by one of the printers or photocopiers in your office building.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.