Malicious ads on major websites held users’ files to ransom
http://www.engadget.com/2014/10/24/cryptowall-ransomware-attack-proofpoint-report/
Malicious ads on major websites held users’ files to ransom
And you can pick up some very nasty malware from emails, emails that “may” sometimes look very legitimate.
I am the payroll and HRIS manager for the company I work for and yesterday morning an employee forwarded an email just as described in the two links below.
http://www.threattracksecurity.com/it-blog/adp-past-due-invoice-spam/
Fortunately she realized it was suspect especially since she is in sales and not in accounts payable and let me know right away without (hopefully) clicking on the links. I contacted our IT manager and let her know and then sent out a companywide email advising employees to be on the lookout for fraudulent emails purporting to be from ADP and the warning: DO NOT OPEN AND DO NOT CLICK ON THE LINKS, DELETE THE EMAIL AND IF YOU DID CLICK ON THE LINKS, NOTIFY IT IMMEDIATELY. (OK, I didn’t send in all caps but I did bold and underline : ), )
Unfortunately the timing of these phishing emails with their malware links comes at an especially bad time since we are having our annual benefits open enrollment and many employees who don’t regularly log into our ADP self service site are doing so right now and some having forgotten their passwords are requesting password resets and may mistakenly think this is actually from ADP.