ADP Phishing W2 Tax Scam: AppRiver Issues Warning, Security Advise

Some ADP users have received phishing emails that claim their W2 tax form is now ready, according to AppRiver research. Hackers are targeting a ripe audience, considering ADP offers online payroll and HR solutions, plus tax, compliance, benefit administration and more.

The phishing email contains clickable links that lead to a well-designed page that poses as a legitimate ADP login. From here, the attackers can gather the victims’ ADP credentials, according to AppRiver researchers.

To avoid such attacks, AppRiver Manager of Security Research Troy Gill recommends:

  • First, remember that the IRS will never require you to take action via an email
  • Handle all your documentation with an abundance of caution – when you receive notifications that tax documents are now available from ANY provider, always navigate directly to the source yourself instead of following a link in an email.
  • When available, always enable multi-factor authentication on accounts containing any personal data.

AppRiver, owned by Zix, provides various Office 365 data protection and security solutions to MSPs and resellers.

Return Home

No Comments

Leave a Reply

Your email address will not be published.