Finance leaders need to make sure their payroll administrators get a heads-up about a new phishing scam that’s targeting them. Cybercriminals are using the names of some very legit and well-known payroll processing companies to get the attention of payroll admins.
“For the past couple of weeks, companies that offer outsourced payroll management services have seen their name being abused for phishing scams,” says a recent blog post from SANS incident handler Daniel Wesemann.
The scams are executed via an email that looks like it comes from a payroll processor, like ADP. The recipient is often warned that their account is set to expire or there’s a security certification that needs renewal.
To fix the problem, the recipient is asked to click on a link embedded in the email. The link may look superficially official, but it’s not. Clicking on it redirects the victim to a site that delivers exploits, usually aimed at unpatched Java.
Worst-case scenario: Your payroll clerk’s or admin’s credentials or logins are stolen.
Worse news: Anti-virus software’s not going to be much of a defense against the exploits these crooks are using.
Finance leaders should alert their payroll folks and IT about the prevalence of these scams. There are some tech strategies IT can use and, says Wesemann, you should make sure your HR and Payroll folks are treated to another round of “DONT CLICK ON THIS LINK” training. They are your first line of defense, and – given Antivirus’ ineffectiveness – usually even your only line of defense against these scams.