ADP Payroll Invoice Scam

Sloppy work, but I’m sure some people will fall for it.

Have you gotten an email message supposedly from payroll@adp.com (but really from someone else)? A brief email with the ADP logo and an invoice.zip file attachment?

Don’t open it.

Although I don’t think opening the message will cause any harm, the attachment is likely some sort of virus — or contains one when opened — and that can’t be a good thing.

Here’s what the message I got looks like. Note the From field and the typo in the bold, underlined text.

ADP Scam

I’ve said it before and I’ll say it again: Don’t open attachments you aren’t expecting, especially from organizations you don’t have some sort of email relationship with. Doing so is just plain stupid.

Coincidentally, I worked for ADP at their corporate headquarters back in the 1980s.

3 thoughts on “ADP Payroll Invoice Scam

  1. Geesh. I’m so sick of this kind of garbage. I wish these people who try to deceive would just find a real job and quit trying to steal from others or create havoc with others’ computers. Disgusting. Ugh.

    Thanks for posting the info. Good reminder about staying aware and being watchful.

    • It annoys me, too, but mostly because I know there are people who will fall for it. Maybe they’ve got a paycheck from ADP’s payroll service so the ADP name and logo are familiar. They’re curious — why is ADP sending me an invoice. Then they open it and problems start.

      If people would stop falling for these scams, they’d stop. That’s one of the reasons I try to provide info about them — to warn people. But the kind of people who fall for this are also the kind of people who aren’t searching the web for info about mysterious emails before opening them. Sometimes I wonder why I bother. :-(

    • Well, even if the idiots can get a small number of people to fall for it, then they’re making progress and making $$ … and that’s what seems to perpetuate it. That’s what it seems like to me and from what I’ve seen in undercover work I’ve seen on shows like Dateline, 20/20, etc.

      But then there are also the idiots who just want to mess up people’s computers… stupid viruses, malware, etc. Maddening.

      At any rate, I think we need to continue to talk about it, to warn people, and keep the information out there. Maybe your blog is “preaching to the choir,” but maybe not always… I think it matters. :-)

What do you think?