Fraudulent Emails Appearing to Come From ADP Portal with Subject Line: “Update Portal”

January 25, 2017

Issue Overview
There have been reports regarding fraudulent emails that appear to be sent from ADP Portal which may have various subject lines including “Update Portal.” These emails include a link and instruct the recipient to open it. The link leads to a phishing page with a fake ADP login page which asks the recipient to enter their User ID and password.

These emails do not originate from ADP and our analysis has revealed that they may contain a link that may be malicious. ADP is addressing this issue diligently with our fraud prevention team and security vendors to identify and contain the source of these emails and will provide updated information as it becomes available.

Message Subject(s) (See attached PDF for more detail):
Update Portal

How to Report an Incident
Please be on alert for this fraudulent email and follow the instructions below if you receive any new or related suspicious email.

  • Do not click on any links or open any attachments within the message.
  • Forward the email as an attachment to
  • Delete the email.
  • If you clicked any link or opened an attachment in the email, immediately contact your IT support team for further action.

Additional Information
For more information about how ADP protects our clients, please visit the ADP Trust Center at  which provides the latest security alerts, phishing information, security resources and best practices. Protecting ADP clients and their data from malicious activity has been, and always will be, a top priority for ADP.

 Download a PDF of this Alert