Who We Are

Fraudulent Emails Appearing to Come from ADP with Subject Line: Invoice #

Most Recently Reported: August 15, 2015
Date Initially Reported: March 27, 2013

Issue Overview
There have been reports regarding fraudulent emails that appear to be sent from ADP which may have various subject lines including “Invoice # <random numbers>”. These emails indicate that the latest statements received from the recipient’s bank are attached and instruct the recipient to open and send an attachment.

These emails do not originate from ADP and our analysis has revealed that they contain an attachment that may be malicious. ADP is addressing this issue diligently with our fraud prevention team and security vendors to identify and contain the source of these emails and will provide updated information as it becomes available.

Message Subject Lines (See attached PDF for more detail):
Statement #XXXXXXX
Invoice #3859065 – Remit File
Invoice #1672737
Invoice #4104395

How to Report an Incident
Please be on alert for this fraudulent email and follow the instructions below if you receive any new or related suspicious email.

  • Do not click on any links or open any attachments within the message.
  • Forward the email as an attachment to abuse@adp.com.
  • Delete the email.
  • If you clicked any link or opened an attachment in the email, immediately contact your IT support team for further action.

Additional Information
For more information about how ADP protects our clients, please visit the ADP Trust Center at www.adp.com/trust which provides the latest security alerts, phishing information, security resources and best practices. Protecting ADP clients and their data from malicious activity has been, and always will be, a top priority for ADP.

PDF Download a PDF of this Alert

See All Security Alerts