First time using shodan.io today.

I searched for "bizhub C364e" and found multiple units. Some had the default administrator password. The Konica 364 is a large unit at $6000 or more new and they are open to the Internet. Even if the admin password has been changed the Public login may be available. Public has access to print and view job history. Public can also view the scan-to-email address list.

What if a fraudster targeted these users with malicious email that appeared to originate from the bizhub?