The bogus notifications claim to provide a Transaction Report

Oct 12, 2012 11:38 GMT  ·  By

Malicious ADP spam runs have been around for quite some time now and judging by the comments made by some of our readers, they’re not about to disappear any time soon.

Besides the classic “ADP Dealers Services Invoice”, “ADP Digital Certificate Expiration” and “ADP Funding Notification,” a new type of email has been seen landing in the inboxes of unsuspecting internauts.

The notification, bearing the subject “Report,” looks something like this:

Your Transaction Report(s) have been uploaded to the web site: https://www.flexdirect.adp.com/client/login.aspx

Please note that your bank account will be debited within one banking business day for the amount(s) shown on the report(s).

Please do not respond or reply to this automated e-mail. If you have any questions or comments, please Contact your ADP Benefits Specialist.

Thank You, ADP Benefit Services

These emails have been analyzed by experts from two different security firms: MX Lab and GFI Software.

It has been determined that the URL’s contained in the bogus messages lead to a fake Adobe website that serves all sorts of malicious elements by leveraging the BlackHole exploit kit.

I advise you to be on the lookout for such emails. In case they already landed in your inbox and you clicked on the links, be sure to run a full system scan with an up-to-date antivirus application.