Alerts left arrow right arrow   

Fake and Malicious "ADP Past Due Invoice" Emails

Comments  +
Fake and Malicious "ADP Past Due Invoice" Emails

There are fraudulent ADP email messages with the subject "ADP Past Due Invoice", which appear as if they came from ADP that contain a malicious link. The email messages indicate that that ADP past due invoice is ready for review at ADP Online Invoice Management and instruct the recipients to click on the malicious link in the message, which will infect their computers if they they download and open the malicious file, thinking it is an invoice.

The Fake and Malicious ADP Email

From: []
Sent: 12 November 2014 19:28
Subject: ADP Past Due Invoice#39911564

Your ADP past due invoice is ready for your review at ADP Online Invoice Management.

If you have any questions regarding this invoice, please contact your ADP service team at the number provided on the invoice for assistance.

Please note that your bank account will be debited within one banking business day for the amount(s) shown on the invoice.

Review your ADP past due invoice here.

Important: Please do not respond to this message. It comes from an unattended mailbox.

The link (www.bingemann-buerosysteme .de/services/invoice1211.php) in the email will attempt to download the "", which contains the malicious "invoice1211_pdf.exe" that will infect the recipient's computer.

The link in the email message and the malicious invoice file name may change. So look out for similar emails with different invoice names and links.

The emails were not sent by ADP and they (ADP) said that they are aware of the fake and malicious emails and is addressing the issue diligently with their fraud prevention team and security vendors to identify and contain the source of the emails and will provide updated information as it becomes available.

ADP recommends that their customers do the following:

  • Please be on alert for this fraudulent email and follow the instructions below if you receive any new or related suspicious email.
  • Do not click on any links or open any attachments within the message.
  • Forward the email as an attachment to
  • Delete the email.
  • If you clicked any link or opened an attachment in the email, immediately contact your IT support team for further action.

The cybercriminals behind these malicious email messages aims are to trick the curious recipients into opening the malicious file, which will infect their computers with a virus or Trojan horse.

Once their computer has become infected with this malicious Trojan horse, the cybercriminals behind this email message will be able to access and take control of their computer remotely from anywhere around the world. They may spy on them, use their computer to commit cybercrimes, or steal their personal and financial information.

Now, if you have already opened the malicious file, please do a full scan of your computer with the antivirus software installed on it.

If you don’t have antivirus software installed on your computer, please click here for a list of free antivirus software.

For a list of other virus email messages, please click here.

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward malicious or phishing email messages to us at the following email address:

Comments, Questions and Reviews

Comment(Total: 0)

Write a Comment, Review, or ask a Question or scroll down to view comments, reviews and questions made by others.

Would you recommend this article to a friend or family member?
Yes (0) No (0)   

Submit Comment Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.
All comments, questions or reviews will be examined for derogatory or indecent statements, spam or malicous code, before they are posted on this website.

More for you:
Warning! JavaScript is turned off or disabled! Some features on this website will not work.