Phishers target PayChoice customers

Posted by Caitlin on October 5th, 2009

Hackers recently breached the online systems of PayChoice, a payroll processing firm. Shortly after the hackers accessed customer account information, including email addresses, login IDs, and partial passwords, PayChoice customers began receiving targeted phishing emails prompting them to download a plug-in. The emails, which  addressed recipients by name and referenced their usernames and passwords, explained that the plug-in was necessary for continued access to PayChoice's online payroll service at OnlineEmployer.com. But the download was actually malicious software designed to steal even more account information. The phishing emails also included links to malicious websites, which would attempt to exploit vulnerabilities in Internet Explorer, Adobe Flash, and Adobe Reader to install even more malware. Unlucky victims wound up with a Trojan horse program that attempted to download even more malware and disable security software. This particular Trojan horse slips under the radar of many anti-virus scanners. Security experts believe that this attack was primarily designed to steal online banking credentials.

PayChoice is still investigating the extent of this unusually complex attack. A data breach, phishing emails, malicious websites, and numerous malicious applications including a Trojan horse. All with the likely end goal of identity theft.

How can you defend yourself against such sophisticated hackers? The best course of action is to be wary when clicking on links or downloading files, to keep your browser and Internet security software updated, and to invest in identity theft protection.

• Data Breach Alert: Hundreds of thousands of computers infected by Russian hackers
• Malicious hack impacts 2.2 million shortened URLs
• Hackers gain access to sensitive data from 100,000 websites
• Type carefully when looking for a free credit report
• Facebook phishing scams increase risk of identity theft on the popular social network