Scam Of The Week: Payroll Phish



[Image: Payroll Phish]



The Naked Security blog over at Sophos highlighted a new phishing scam that is worth alerting your employees about. The bad guys are pretending to be payroll processing company ADP. There are two variants of this phishing scam. They wrote: "One is simply a plain text message with the subject 'ADP Funding Notification - Debit Draft' instructing you to click a link to view your transaction report. The second is more professional looking and suggests to human resource specialists that ADP is upgrading its security processes and you need to log in and be trained on the new procedures."



That is the screen you see above. I would not be surprised if the bad guys did some homework and checked on job sites for companies that are looking for HR people with ADP experience, or scanned LinkedIn for the same and did a spear-phishing attack where they also included 'HR@company.com' so that the net would be as wide as possible.



"The links in all of the messages we have received redirect to compromised websites that attempt to load malicious JavaScript that has all of the telltale signs of the Blackhole exploit kit. Don't click links in email folks. It's 2012 and we have been saying this for over 10 years now. Think before you click." Here is the link.


