15

We have been getting a new kind of scammer-esque call every couple weeks here at the office (I work at an enterprise web application development company).

Basically, the flow of events is this:

  1. Caller has spoofed their caller-ID to have an identical name as our company.
  2. Seemingly friendly lady claims to be "Debbie from Accounting" or something similar.
  3. This "Debbie" says she is trying to print something and just needs me to read off the printer serial number so she can connect.

This is obviously completely bogus for a bunch of reasons (one being we have like 8 employees here, none are named Debbie and we don't even have an Accounting department).

The name was different both times (this has happened twice now).

Anyway, my question is what exactly is this scammer trying to accomplish? Do they install malware remotely to printers?

Anders
  • 64,406
  • 24
  • 178
  • 215
Omar Himada
  • 253
  • 1
  • 5
  • 9
    I would say that the printer serial number is not the goal, but rather to get you to start to do something for them. Then, they will escalate what they are asking in order to get you "deeper on the hook". – schroeder Aug 25 '15 at 19:07
  • Perhaps this person is trying to order your ink? – Rob Aug 25 '15 at 19:06
  • 2
    Maybe they have access to a database where they can use printer serial numbers to look up detailed information so they can come back later with a more targeted phishing attack? – Mike Ounsworth Aug 25 '15 at 19:09
  • 9
    It shows up in snopes. It's an old scam to order a bunch of stuff and ship it to you. Then they wait for you to open the packages, and send you a huge bill. http://www.snopes.com/crime/fraud/supplies.asp – Rob Aug 25 '15 at 19:10
  • 2
    Next time, blabber some random serial number and watch what happens next – balki Aug 25 '15 at 19:30
  • 1
    @Rob this could be an answer. Write one to allow for op to mark it as the answer. – Alex Aug 25 '15 at 20:07
  • 2
    The serial number of our printer is seven-H-fifteen-space-fifteen-space-4-space-five-C-four-M. – Philipp Aug 26 '15 at 08:07

1 Answers1

11

As written in @Rob's comment, the scammer is trying to get the S/N of your printers (information gathering, the first step in a social engineering attack) so later on will place the real scam:

  • either call and pretend he's your legitimate printer supplier (after all, he knows the S/N of your printers) and persuade you to order cheap paper and toner supplies for an exorbitant price;
  • or just send the supplies to your office. The invoice will show the S/N so it will look like a legitimate placed order.

It is worth noting that if you need to print on a specific printer you'd need to know either its network name or its IP address; knowing its S/N won't tell you anything, so "Debbie"'s request is bogus.

dr_
  • 5,060
  • 4
  • 19
  • 30
  • Not necessarily bogus. If the maintenance of the printer is outsourced and the maintainers systems are compromised, the S/N can be used as an entry point into the company. – Test May 05 '17 at 19:13