
Don't Say It...Prishing?
The Attack During a recent internal red team assessment for a client, I found myself in familiar territory—established inside their network through a Citrix instance, carefully proxying commands through a covert tunnel to avoid detection. What started as routine reconnaissance would lead me to discover an attack vector I’d never seen exploited in the wild: turning multifunction printers into phishing delivery systems. I jokingly called it “prishing”—printer phishing, a play on other phishing techniques like “quishing” (QR code phishing) and “vishing” (voice phishing). ...