February 27, 2017
ADP’s Global Security Organization has received numerous reports regarding fraudulent emails that appear to be sent from ADP containing various subject lines, including “Update Portal” or “Update Required”. These emails contain a malicious link and instruct the recipient to click on it.
These emails do not originate from ADP and our analysis has revealed that they may contain an attachment that may be malicious. ADP is addressing this issue diligently with our fraud prevention team and security vendors to identify and contain the source of these emails and will provide updated information as it becomes available.
Message Subject (See attached PDF for more detail):
How to Report an Incident
Please be on alert for this fraudulent email and follow the instructions below if you receive any new or related suspicious email.
- Do not click on any links or open any attachments within the message.
- Forward the email as an attachment to firstname.lastname@example.org.
- Delete the email.
- If you clicked any link or opened an attachment in the email, immediately contact your IT support team for further action.
For more information about how ADP protects our clients, please visit the ADP Trust Center at
www.adp.com/trust which provides the latest security alerts, phishing information, security
resources and best practices. Protecting ADP clients and their data from malicious activity has been, and always will be, a top priority for ADP.
Download a PDF of this Alert