Fraudulent ADP email attacks becoming more common

SUBTITLE:  Phishing Attack

Popular payroll company ADP is warning of a sophisticated phishing attack using emails that impersonate ADP business. The attack email in question warns of a Past Due invoice. These emails appear as if an ADP.com account was used as the sender. Mytech has most commonly seen “billing.address.updates@ADP.com"; but other addresses including “Francisca.Hopkins@adp.com” are also common.
 
All fraudulent emails include instructions to click on a link which will redirect to a malicious website, at which point the victim could be at risk for virus infection or information theft. ADP requests that any suspicious emails be forwarded to abuse@adp.com so they can continue their efforts to locate the origin of the attack.

Mytech always advises extreme caution when clicking unexpected links in emails, even if the sender appears legitimate. Additionally, a security posture that includes layered defenses like up to date antivirus software, email security services and gateway security services should all be in place to detect and block the attempt to visit known malicious sites.
 
If you have any questions about your current security solutions or about how to secure your network against Phishing and other common attacks, please contact Mytech Partners at 612-659-9800