The Computer Incident Response Center Luxembourg (CIRCL) issued a warning to companies and individuals in the Grand Duchy on Wednesday after detecting a new spam campaign aiming to trick email users into downloading malware.
The scam has used new and improved techniques in order to persuade users that the malicious emails have actually been sent from an office printer. Examples of messages containing malware include:
- printer@yourorganisationdomainname (i.e. printer@circl.lu)
- scan@yourorganisationdomainname
- copier@yourorganisationdomainname
- fax@yourorganisationdomainname
The spam campaign's email messages are delivered with a doc attachment that contains macros, which attempt to download financial malware in general.
"We recomment to not open the attachment and to forward this suspicious email directly to your IT Security department or the CIRCL team," advised CIRCL. As a precaution, IT departments should configure their printers in a way that they send emails with a specific keyowrd in the subject which would distinguish it from fake emails, for example 'Message from HR printer 7th floor'.
For more information and support, click here.
