ADP Digital Certificate Expiration Emails Point to Malware Hosted on Hijacked Sites

Thanks, I just got this very email (went to my Spam file) this morning. I didn't open it up but did a Google search and came across your very timely warning.

Same here - I just got this email in my spam. Googled it and found this article. Sick of all these spam emails!!

I just got this email but it seemed suspicious so I did a search and found this site. Thanks for the warning.

I opened it up by accident, then closed it quickly when I saw a malware looking popup shoot out. Will I have a problem now? What should I look for?

I received one of these emails and deleted it.
I forwarded it to my IT guy and he referred me to your website.

They are still with us. Got this one just this morning, 7/25/12.

Thanks for the information. I received an e-mail from them today. Glad I read your warning.

Thanks, very helpful info!!

still receiving this email as of august 3, 2012

one of my users received one of these, 02/08/2012. thanks for the heads up.

August 27, 2012 - I just got the e-mail mentioned above. Thanks for the warning. I didn't think that the e-mail was legitimate.

Yep, this is still around. Got one today (Aug 27, 2012).

We just got it also, still around.

Just got one today, but this variant appeared to have a zip file with the 'new certificate' in it. 9/14/2012

Ditto. Received the same today.

I also received one this morning on 9/14 with the zip file attached. I deleted it.

Just got this new version, too.

Same. Circulated around clients office today with a one day expiry warning and a zip file. ESET caught it

how do we remove this if it was clicked. it seems to be wrecking havoc to my java.

I got one too, googled it because it looked fishy...

got it today 9-15-12. Thanks for the warning, but since I don't use ADP I knew it was crap.

Thanks for sharing this because I just received an email about this and had no idea who they are. Cheers!

I received this yesterday. The email did not contain any links, but it did contain a bogus zip file. I opened it, but my computer rendered a message that said the file was not valid for a security certificate. I hope it didn't screw anything up.

A new variation just appeared in my spam filter, subject line "ADP Funding Notification - Debit Draft". It states "transaction reports" have been uploaded to the web site, and my bank account will be debited within one banking day for the amounts shown. Thanks for your site telling me about these. If I actually used ADP, I might have clicked the link without checking.

thank you. I just received such an email Oct 11th and promptly deleted.

THANK YOU!!!!

I AM GLAD I READ THIS. I WAS ONE OF THOSE PEOPLE PANICKING BECAUSE OF THE QUANTITY OF SECURITY COMPANIES WE DEAL WITH, FROM HOME SECURITY TO COMPUTER SECURITY TO BUSINESS SECURITY. WHAT A RELIEF.

The following is a new message that I received:


Your latest ADP Services Invoice is now available to view or pay online at ADP Online Invoice Management .

To protect the security of your data, you will need to enter your ID and password, then click on Access your Online Invoice Management Account.

Total amount due by October 11, 2012

$48033.96

If you have already sent your payment please disregard this friendly reminder and Thank you for choosing ADP.

Questions about your bill?

Contact your ADP administrator by Secure Mail.

Note: This is an automated email. Please do not reply.

This mail is 4 months later still in circulation! I have just received one dated Fri Oct 12 11:10:36 2012 with the following text:

Your latest ADP Services Invoice is now available to view or pay online at ADP Online Invoice Management .
To protect the security of your data, you will need to enter your ID and password, then click on Access your Online Invoice Management Account.
Total amount due by October 11, 2012
$46252.14
If you have already sent your payment please disregard this friendly reminder and Thank you for choosing ADP.

Questions about your bill?

Contact your ADP administrator by Secure Mail.

Note: This is an automated email. Please do not reply.

agree with comment#23.

Subject: ADP Invoice Reminder
From: ADP_Netsecure@adp.comAdd to Contacts
Sent: Thu, Oct 11, 2012 at 12:17 pm

Your latest ADP Services Invoice is now available to view or pay online at ADP Online Invoice Management .

To protect the security of your data, you will need to enter your ID and password, then click on Access your Online Invoice Management Account.

Total amount due by October 11, 2012

$40467.24

If you have already sent your payment please disregard this friendly reminder and Thank you for choosing ADP.

Questions about your bill?

Contact your ADP administrator by Secure Mail.

Note: This is an automated email. Please do not reply.

----------------------------

this email is still in circulation, please be high alert and dont send any payments.

thank you.

I today have also recieved such an email. I am always careful when there is something i don't know who it is from and put the title of the email into google & this site came up telling me what this is and it will now be marked as spam

It is thanks to sites like yourself that we all manage to stay safe online

I just got one too, identical to this one on 11/27/12. I have also received a couple of a different ADP emails in the past month, which I believe were also bogus. Instead of a zipped file, they had a couple of links. I did a web search for this one. There were half a dozen sites that came up first that just repeated the text of the e-mail. They never bothered to state the e-mail was bogus as you did, so they look just as bogus as the e-mail itself, perhaps misleading users into not taking action they need to. Thanks for doing the whole job and actually letting us know the e-mails are a scam and giving us a useful forum to track this.

Also received this email just today. Always trying to be focussed on what's right and what could be suspicious. Came across this site googling for the ADP certificate as I didn't know where it points at.
Thanks for the heads up. There are quite some of these emails goin' around these days. Already received 4 or more regarding ING home banking.

Stay alert ...

I got this email this morning as well. I'm usually careful about these things, but it's coming to the end of the year and I think my payroll contract is about to expire, so I extracted the zip file. Nothing seems to be wrong with my comp yet, but does anyone have suggestions on what I can do to make sure my computer is clean?

I received this on 11/27 as well. Used the ADP site yesterday with no issue.
Today, I can't get into the site. I didn't open the email, but I thought of it when I am unable to view my account now in ADP.

Received one for the first time Nov 27, 2012.
Oakville Canada

I just got the message and as it looked sus. I googled it and found your warning. Thanks

thank God I see this before I download the attachment. I got the exact same email! You just save me. thank you !

Received this message as well this morning , dated Tue, 27 Nov 2012 17:50:29 with a stated certificate expiration date of the the exact date & time! It helped that we have never used ADP services but did a quick search anyway and find this article. Kudos for posting the warning.

Received the same today, Wed 28 nov 2012 at 14:42 UTC. Googled, found this site and deleted the message.

Just now got this type of mail. Thanx.

A co-worker just received this. It's still going around as of 1/24/13.

Just got this email this morning. Thanks for the heads up.

I just got this email. Thanks for the info.

Thank you! I just got this email and it is hard to tell what to open or ignore.