Workers received e-mails last week that directed them to download a browser plug-in or visit a Web site so they could continue accessing the Onlineemployer.com PayChoice portal. Malware in the download and on the Web site turned out to exploit holes in Internet Explorer, Adobe Flash, and Adobe Reader, PayChoice said.
The e-mails were targeted to individuals and included their user names, login IDs, and partial passwords, thus increasing the chance that recipients would be likely to fall for the ruse.
In a statement, PayChoice did not say how many people received the e-mails but said most of the employees served by PayChoice do not use the portal. PayChoice, based in Moorestown, N.J., provides payroll software and services to 125,000 businesses.
Read more on "Targeted e-mails distribute malware in PayChoice breach" from CNET News.