Fake PayChoice e-mails deliver malware

Elinor Mills CNET News | October 2, 2009 4:45 AM PDT

Payroll processor PayChoice said Thursday it is investigating a breach in which customers received targeted e-mails purporting to be from the company but were designed to trick people into downloading malware.

Workers received e-mails last week that directed them to download a browser plug-in or visit a Web site so they could continue accessing the Onlineemployer.com PayChoice portal. Malware in the download and on the Web site turned out to exploit holes in Internet Explorer, Adobe Flash, and Adobe Reader, PayChoice said.

The e-mails were targeted to individuals and included their user names, login IDs, and partial passwords, increasing the chance that recipients would fall for the ruse.

In a statement, PayChoice did not say how many people received the e-mails but said most of the employees served by PayChoice do not use the portal. PayChoice, based in Moorestown, N.J., provides payroll software and services to 125,000 businesses.

Read more on "Targeted e-mails distribute malware in PayChoice breach" from CNET News.

Talkback Most Recent of 10 Talkback(s)

  • partial passwords included?
    wow... sounds like someone's security needs a serious looking into

    i've forwarded many spoof emails to spoof@paypal.com ...why doesn't every site have a similar address to report to? people will *always* fall for such scams so it's up to the rest of us to at least get the word back to *someone*.

    which begs the question "what good does reporting do?" perhaps a site is taken down... ok... scammers reap the (however brief) profits and create another etc. we need a serious net police force!
    jbcoops
    5th Oct 2009
  • partial anything, bad
    I was thinking the same thing. User IDs, partial passwords. If the article is accurate then it sounds like there's more going on than just a spoof. That information would normally be sitting in the db.
    jjwalters3@...
    5th Oct 2009
  • Bad app design!
    Any application that stores passwords in plain text, even partial ones, has a problem. It is, after all, not just the outside hacker that poses a security risk, but also employees with inside access to the db.
    hmoulding@...
    5th Oct 2009
  • RE: Fake PayChoice e-mails deliver malware
    I don't think it was actually a targeted spam; I saw some of those go through my server to e-mail lists, not even user accounts.

    I figure it's likely the same people who have long been spamming with fake bank notices. Send out a bunch and maybe you get lucky by hitting a real customer.

    jim frost
    jimf@frostbytes.com
    jimfrost
    5th Oct 2009
  • I got fake Citizen's Bank scam email..
    and tried to report it to their Colorado main office; and they just stuck their head in the sand. It seems most banks would rather take the hit, than do anything to improve security!

    It is going to take an act of congress to force them to get their head out of their caboose!!
    JCitizen
    5th Oct 2009
  • I got all kinds of banks saying stuff
    They say my account needs to be updated and I don't even have an account with any of them. The banks don't care because it doesn't really affect them. The one that will lose money is the owner of an account. The bank will gain money by all the charges the owner will get for bounce charges and such. Just like my husband had to pay the phone bill once with our checking account on the phone. The company took the payment out 2 times which screwed up our account and we got 80.00 in bounce charges. We called the company about it, they said they would just credit our account. Eventually we quit that company.
    maeflye63@...
    5th Oct 2009
  • The law is on the side of the consumer...
    on this; it is just that banks would rather take a hit, with a loss than practice good security!

    I say that needs to be stopped! I'm not a regulatory freak, but this has got to stop; especially for the fact that a consumer that does not watch his account on line could be liable for the loss!

    As long as you report it soon enough the bank has to eat the loss. Credit cards are safer when it comes to things online, it seems. At least the law is very stiff on illegal charges on them!
    JCitizen
    8th Oct 2009
  • Obligatory mention that ...
    Linux is immune to such malware.
    Media Whore
    8th Oct 2009
  • Don't forget...
    that most people using online banking/credit need at least Firefox with flash/and/or java to use the site, and that can leave even the Linux-Mozilla combo under threat of data jacking!

    Linux is not immune to application vulnerabilities.
    JCitizen
    8th Oct 2009
  • RE: Fake PayChoice e-mails deliver malware
    I know the inside story.... It was definitely a targeted attack, they had usernames, and partial passwords directly from the back end.
    Dexterstjock
    8th Oct 2009
