Payroll processor PayChoice is said to be investigating a breach in which customers received targeted e-mails purporting to be from the company but were designed to trick people into downloading malware.
Workers received e-mails last week that directed them to download a browser plug-in or visit a Web site so they could continue accessing the Onlineemployer.com PayChoice portal.
The Malware in the download and on the Web site turned out to exploit security holes in Internet Explorer, Adobe Flash, and Adobe Reader.
The e-mails were targeted to individuals and included their user names, login IDs, and partial passwords, thus increasing the chance that recipients would be likely to fall for the ruse.