A currently spamvertised malware campaign attempts to trick the user into thinking he's received a scanned Xerox document, whereas the actual attachment is a malicious PDF file, which once successfully exploiting the CVE-2007-5659; CVE-2008-2992; CVE-2009-0927 and CVE-2009-4324 flaws drops scareware on the infected host.
Hello, It was scanned and sent to you using a Xerox WorkCentre Pro. Please open the attached document.
Sent by: Guest Number of images: 1 Attachment File type: PDF. WorkCentre Pro Location: Machine location not set
Device name: XERX911818091004676018486
Attachment name: 02-02-2011-43.pdf
As far as the social engineering theme is concerned, cybercriminals periodically reintroduce and rotate it once the campaign receives the necessary media coverage.