Phishing Campaign: “ADP: Setup push notifications”//”SECURITY GENERATED MESSAGE”

December 18, 2019

ADP has received reports regarding fraudulent emails being sent to ADP clients that have the following subjects: “ADP: Setup push notifications” and “SECURITY GENERATED MESSAGE”. The email instructs the user to click on a link to sign in to their ADP account. The link takes the user to a fake RUN or WFN page, the credentials entered are then stolen.

These emails do not originate from ADP and our analysis has revealed that they may contain malicious content. We’re working with our fraud prevention team and anti-phishing vendor to address this incident. Please see the example below which may vary in content and sender.

Message Sender:
Jamie Straus<'saleshhg><AT>shular[.]com>
Cat Drube<cdrube><AT>shular[.]com>

Message Subject:
“ADP: Setup push notifications”

How to Report a Phishing Email
Be alert for this fraudulent email and follow the instructions below if you receive any suspicious email.

  • Do not click on any links or open any attachments within the message.
  • Forward the email as an attachment to, then delete it.
  • If you clicked any link or opened an attachment in the email, immediately contact your IT support.

The ADP Global Security Organization continues to actively monitor this situation. Clients are encouraged to visit our website at to learn more about how ADP protects data, and how clients can help protect themselves. Protecting our clients and their data from malicious activity is a top priority for ADP.

Sign up to have new alert notifications delivered to you by email – visit the alerts section of for more information.