Peaches Posted October 2, 2009 Report Share Posted October 2, 2009 October 1, 2009 Targeted e-mails distribute malware in PayChoice breachby Elinor Mills Payroll processor PayChoice said Thursday it is investigating a breach in which customers received targeted e-mails purporting to be from the company but were designed to trick people into downloading malware. Workers received e-mails last week that directed them to download a browser plug-in or visit a Web site so they could continue accessing the Onlineemployer.com PayChoice portal. Malware in the download and on the Web site turned out to exploit holes in Internet Explorer, Adobe Flash, and Adobe Reader, PayChoice said. The e-mails were targeted to individuals and included their user names, login IDs, and partial passwords, thus increasing the chance that recipients would be likely to fall for the ruse. In a statement, PayChoice did not say how many people received the e-mails but said most of the employees served by PayChoice do not use the portal. PayChoice, based in Moorestown, N.J., provides payroll software and services to 125,000 businesses. "Within hours of the attack, the company notified its clients, shut down the site www.onlineemployer.com and deployed further security measures to protect client information before restoring access to the system," the company said in the statement. "PayChoice also immediately notified the authorities and is working with federal law enforcement to find those responsible." Story at CNET News - http://news.cnet.com/security/ Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.