Phishing emails labeled as being from ADP–and other payroll processing providers– are designed to exploit PCs using a known Java vulnerability. Many outsourced payroll services customers–not ADP customers–have been targeted by phishing emails that warn that the digital certificate the business uses to communicate with their payroll provider is set to expire. “Few things are as juicy for the bad guys as getting a key-logger onto the computer of someone who manages payroll,” said SANS incident handler Daniel Wesemann.”]
Source: https://www.darkreading.com/attacks-breaches/beware-phish-email-attack-targeting-adp-payroll-systems