Thursday, April 4, 2013

Scanned Document Messages Malware?

I came across an article warning about cyber-criminals  using scanned document messages to infect computers.  Take a look at the article for more information about this type of attack in general.

Scanned document messages from ESSD copiers have a unique look and built-in safeguards to protect the district network, district information, and you.  This is a serendipitous opportunity to take a closer look at our scanned document procedures and messages.

All the district networked scanning devices are restricted and controlled with several layers of security.  Without revealing too much proprietary information, I can tell you that no district networked MFP (multi-function printer) can send an image from a scanned document outside our domain.  In other words, what's scanned in ESSD, stays within ESSD.  At least by the limited ability of the MFP.

When a scanned document is sent to a district network account by the MFP, the email looks similar to this one at left.  Note the following identifiers:

  • The sender is ESSD Copier <>.
  • The subject line includes the network name of the MFP used to scan and send.
  • The body includes the network name and model of the MFP, the scan date and the email address of the work order system for replies.
If you were expecting a scanned document, then no problem.  But if not, be safe than sorry and do not open the attachment or click on the link.  

And, if you wish, you may forward the email to to ask the tech department to look into the matter.