{"id":12115,"date":"2022-04-11T06:49:17","date_gmt":"2022-04-11T06:49:17","guid":{"rendered":"https:\/\/myonlinesecurity.co.uk\/?p=12115"},"modified":"2022-04-11T06:49:17","modified_gmt":"2022-04-11T06:49:17","slug":"adp-invoice-for-week-ending-08-22-2014-invoice-447589545-fake-pdf-malware","status":"publish","type":"page","link":"https:\/\/myonlinesecurity.co.uk\/adp-invoice-week-ending-08222014-invoice-447589545-fake-pdf-malware\/","title":{"rendered":"ADP Invoice For Week Ending 08\/22\/2014 Invoice: 447589545 \u2013 Fake PDF Malware"},"content":{"rendered":"
ADP Invoice for week ending 08\/22\/2014 Invoice: 447589545 pretending to come from Billing.Address.Updates@ADP.com is another one from the current zbot runs which try to drop cryptolocker, ransomware and loads of other malware on your computer.<\/p>\n
They are using email addresses and subjects that will entice a user to read the email and open the attachment. A very high proportion are being targeted at small and medium size businesses, with the hope of getting a better response than they do from consumers.<\/p>\n
Almost all of these have a password stealing component, with the aim of stealing your email or FTP ( web space) log in credentials. Many of them are also designed to specifically steal your facebook and other social network log in details.<\/p>\n
Please read our How to protect yourselves page<\/a> for simple, sensible advice on how to avoid being infected by this sort of socially engineered malware.<\/p>\n Your most recent ADP invoice is attached for your review. If you have any questions regarding this invoice, please contact your ADP service team at the number or e-mail address provided on the invoice for assistance.<\/p>\n Thank you for choosing ADP for your business solutions.<\/p>\n Important: Please do not respond to this message. It is generated from an unattended mailbox.<\/p>\n 25 August 2014: invoice_447589545.zip (10kb): Extracts top invoice_447589545.exe Current Virus total detections: 2\/55<\/p>\n This is another one of the spoofed icon files that unless you have \u201cshow known file extensions enabled<\/a>\u201c, will look like a proper PDF file instead of the .exe file it really is, so making it much more likely for you to accidentally open it and be infected.<\/p>\n All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email. Whether it is a message saying \u201clook at this picture of me I took last night\u201d and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day.<\/p>\n