Fake ADP Security Management Notification Leads To Malware

 Analysis by: Mary Jen Sen Chua

Spammed messages were found to spoof a security management notification from Automatic Data Processing, Inc.(ADP). ADP is an American provider of business processing and cloud-based solutions. The mail, which sports a message header and return address similar to ADP's, alerts the reader to an imminent expiration of his system's digital certificate. The message also indicates that the supposed renewal is needed access ADP's Internet services. The message then instructs the reader to open the attached .ZIP file and run its extracted contents. The attached file is in fact malware, and exhibits its malicious routines on the system once run.

Users are strongly reminded to always be cautious whenever opening suspicious messages, even when the source appears to be a trusted one.  

 SPAM BLOCKING DATE / TIME: December 09, 2012 GMT-8
  • ENGINE:6.8
  • PATTERN:9436