Recently workers at different places started to receive the so-called anti work manifestos printed on the business receipt printers. The manifestoes were signed at the end with the reddit account. Many at first thought that the printer’s spam might be just someone having printed the manifestos and shared them on reddit. Some reddit users even suggested a conspiracy to create an effect of r/antiwork doing something illegal.
Receipt printers started to spam with “Antiwork Manifestos”
“ARE YOU BEING UNDERPAID?” goes in one of the manifestos, seen in several screenshots posted on Twitter and Reddit. “You have a protected LEGAL RIGHT to discuss your pay with your coworkers. […] POVERTY WAGES only exist because people are ‘willing’ to work for them.”
But as Andrew Morris, the founder of GreyNoise, a cybersecurity firm that monitors the internet says his firm actually detected network traffic going to insecure receipt printers. Someone or multiple people have been sending those printing jobs all over the internet randomly. Whoever does this has thorough technical knowledge. They broadcasted print requests for a document containing workers rights messaging to all printers that are misconfigured and exposed to the internet.
GreyNoise received evidence that it is printing successfully in some number of places; the exact number would be difficult to confirm. Shodan, a tool that scans the internet for insecure computers, servers, and other devices suggests that thousands of printers are exposed. Morris says that the mass-print comes from 25 separate servers so blocking one IP isn’t enough.
History has several instances of such a classic hack. Several years ago Youtube channel PewDiePie was promoted in such a way. In another case a hacker printed messages that bragged about spammer being the “the hacker god”.
Despite being delivered in quite an unusual way, the case with receipt printers can be classified as spam. Encyclopedically speaking spam means a large bulk of unsolicited correspondence sent to random people. Usually threat actors do this via phone calls, social media and text messages. Actually spam is not an acronym for a computer threat although some proposals included stupid pointless annoying malware, for example.
What is spam and how to avoid it?
The term name for the mass unsolicited messages comes from a Monty Python skit. In it actors declared that everyone must eat Spam food whether they want it or not. The same with these kinds of emails you simply just put up with them. Although there is no single cure against this kind of annoyance you can take simple precaution advices.
One of the things to look for is the sender’s name. Sometimes those names show it obvious but in other cases they play on the attentiveness of the receiver. For example it can be something like happywinnerstoday@3245.biz or customersupport@mictosoft.com instead of microsoft.com. Always check if the sender’s email address matches with the company’s domain.
Next see if an email contains grammar mistakes we highly doubt that any well respected company or others will allow such nuance. Here you don’t need to hold an English major but rather once again apply your attentiveness.
The red flag might be missing personal information. Any company that you had previously any kind of correspondence will surely have some kind of. And missing the greeting by name looks suspicious.
One of the sure things that something presents just spam is too-good-to-be-true offers. They can be sent from companies you had communication with or they can be from random senders offering free cash or desirable prizes. At the end beware any attachments or links sent along those emails. Often those things once clicked enact the second step in the actors` work.