New Phishing Attack Targeting ADP Users

A phishing attack claiming to be ADP – one of the world’s largest HR and Payroll companies – telling you your W2 is ready!

This recycled W2 phishing scam targets payroll and HR personel. It  appears to be from a corporte executive and typically begins with a friendly email. However, it soon escalates to a request for W-2 information.

12-24-19 Image

While many organization may not be using ADP for payroll, this phishing attack is taking more the shotgun approach. It impersonates an organization that a material percentage of their potential victims use.

This particular attack brings users to a spoofed ADP logon page to lure them to enter in their ADP credentials. Attackers then leverage these credentials to log in as the user and change bank accounts for direct deposit. They also gain access to personal information including: birthdate, address, social security number, phone number and more. All to be used as part of another identity theft scam.

Get the full story here.

It’s a proven fact that users trained in Security Awareness know to look for suspicious details that don’t align. Knowing these bits of information before clicking on a link or attachment will make the difference between becoming a victim and avoiding a very costly mistake.

To be sure your organization is protected and your users are trained, contact us today!