Date: Fri, 12 Oct 2012 14:48:18 +0530
From: "ADPClientServices" [ADPClientServices@adp.com]
Subject: ADP Urgent Notification
Your Transaction Report(s) have been uploaded to the web site:
https://www.flexdirect.adp.com/client/login.aspx
Please note that your bank account will be debited within one banking business day for the amount(s) shown on the report(s).
Please do not respond or reply to this automated e-mail. If you have any questions or comments, please Contact your ADP Benefits Specialist.
Thank You,
ADP Benefit Services
The malicious payload is at [donotclick]184.164.151.54/links/rules_familiar-occurred.php (hosted by the ironically named Secured Servers LLC in the US aka Jolly Works hosting of the Philippines).
No comments:
Post a Comment