Don’t trust that email: It could be from a hacker using your printer to scam you

Printers and scanners are increasingly becoming ways for cyber crooks to deliver phishing attacks, thanks to a flaw in the Microsoft 365 Direct Send feature.

The Varonis forensics team has uncovered an exploit which allows internal devices such as printers to send emails without authentication. The vulnerability has been used to target more than 70 organizations, predominantly in the US, with threat actors spoofing internal users and delivering phishing emails without needing to compromise any accounts whatsoever.

The campaign has been successful because emails sent from within Microsoft 365 (M365) undergo less scrutiny than standard inbound email.Don’t trust that email: It could be from a hacker using your printer to scam you – ComputerworldRead More