A nasty virus has infected a handful of our client’s offices yesterday and today. We have traced the virus back to an email which appears to be a FedEx shipping confirmation from ADP Payroll:

ADP Email with Virus

If anyone in your firm receives an email like this, DO NOT click on the attached .zip file, as it contains a .exe (executable) program which immediately installs the virus on your machine. Note that even if you don’t us ADP Payroll services, you may still receive this email.

This virus is particularly harmful due to the speed at which it infects and spreads throughout a network. Simply put, it creates a .exe on the mapped drives, which cause all files to appear as normal. When users click on the particular file throughout the day, they are unknowingly causing the .exe file to run, spreading the virus further and possibly reintroducing it into the system.

Upon sending out this announcement to our clients, we receive many responses from people who had received the same email – some of which deleted it right away. We are urging everyone to follow these guidelines to help prevent future infection:

  • Beware of emails from unknown contacts, social media sites and online stores – This includes shipping confirmations, friend requests, invitations, banking notifications etc. Some emails will ask you to “verify” information such as username, passwords, and credit card numbers. Also, Many emails may appear to come from people or business you know and even follow the regular email template, however all of the links contained within have been replaced with malicious ones. Never accept invitations from people you don’t know and do not click on links contained in these emails.
  • Beware of links – Many links contained in bogus emails or pop-ups are ”masked,” meaning that the link you see does not take you to that address but somewhere different, usually a faked website. Do not click on links you are unsure of.
  • Beware of attachments – Many fake emails ask you to open attachments, which can then infect your computer with a virus or spyware. If spyware is downloaded to your computer, it can then record the keystrokes you use to log into your personal online accounts and then sends that information back to the criminal. Never open attachments in suspicious emails.
  • Ask before you click – If you’re unsure of whether an email is legit, call the sender directly or contact your IT company to review the email. If the email is fraudulent, your IT company should check your system for infection and promptly notify spam prevention companies.

Find out more ways to safeguard your network from an attack >>

If anyone at your firm has received this email, please let us know immediately so that we can check your network for infection. We have alerted ADP and major spam prevention companies about this virus. We are also posting live updates on this situation on our Twitter and Facebook pages.

As always, if you have any questions or concerns at all, please contact us at 216-662-3200 or solutions@accellis.com.