Warning: nasty, tricksy phishing attack e-mail

This is a Public Service Announcement. Delete without opening any e-mail you receive that looks like it is from anybody at:

The subject of the e-mail is usually something like:
Rejected ACH Payment
and the text of the e-mail usually goes something like this:

The ACH transfer (ID: 1234567890123), recently sent from your bank account (by you or any other person), was rejected by the other financial institution.

Rejected transfer
Transaction ID: 1234567890123

Rejection Reason See details in the report below

Transaction Report
report_1234567890123.pdf.exe (self-extracting archive, Adobe PDF)
Please click here to download report:
http://MYNACHA-REPORT-DOMAIN(rest of it screwed up so you won’t go there by mistake).INFO

13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703) 561-1100
2011 NACHA – The Electronic Payments Association

Now, NACHA is a real organization. But here’s what they say about this nasty little con[*1]:


NACHA – The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent email that has the appearance of having been sent from NACHA and signed by a non-existent NACHA employee. Specifically, this email claims to be from the “Electronic Payments Association” and appears to be coming from the email address “payments@nacha.org.” See a sample of the email below.

Be aware that phishing emails frequently have attachments and/or links to Web pages that host malicious code and software. Do not open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.

If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system.

Always use anti-virus software and ensure that the virus signatures are automatically updated.

Ensure that the computer operating systems and common software applications security patches are installed and current.

Additional information and guidance on phishing is available from the Federal Deposit Insurance Corporation (FDIC)[*2].

Be alert for different variations of fraudulent emails.

Don’t be scammed. If you don’t recognize who it’s from, delete it without reading it. If you’re not sure, you might take a peek, using your mail client’s “view source” function, if it has it. (In Thunderbird, which I use, it’s under View >> Message Source.)
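If you do look at the message source, the two giveaways in the e-mail quoted above can be checked mechanically. The Python below is an added example, not code from the original post or from NACHA; the sample message, its `.example` link host and the extension lists are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the e-mail quoted above. The link host is a
# placeholder under the reserved .example TLD, not the real lure domain.
SAMPLE = """\
From: "Electronic Payments Association" <payments@nacha.org>
Subject: Rejected ACH Payment

Please click here to download report:
http://mynacha-report.example/report_1234567890123.pdf.exe
"""

DOC_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg"}
EXEC_EXT = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def double_ext(name):
    """Return a '.pdf.exe'-style suffix if a document extension masks an executable."""
    exts = name.lower().split(".")[1:]
    if len(exts) >= 2 and exts[-1] in EXEC_EXT and exts[-2] in DOC_EXT:
        return f".{exts[-2]}.{exts[-1]}"
    return None

def inspect(raw):
    """Return warning strings for one raw message (the 'view source' text)."""
    msg = message_from_string(raw)
    sender = parseaddr(msg["From"] or "")[1].rpartition("@")[2].lower()
    findings, names = [], []
    for part in msg.walk():
        names.append(part.get_filename() or "")      # attachment file name, if any
        if part.get_content_maintype() != "text":
            continue
        body = part.get_payload(decode=True).decode("utf-8", "replace")
        for url in URL_RE.findall(body):
            parts = urlparse(url)
            host = (parts.hostname or "").lower()
            if not sender or not (host == sender or host.endswith("." + sender)):
                findings.append(f"link host {host} is not under From domain {sender}")
            names.append(parts.path.rsplit("/", 1)[-1])  # file name the link fetches
    for name in names:
        if double_ext(name):
            findings.append(f"{name}: {double_ext(name)} hides an executable")
    return findings

if __name__ == "__main__":
    print("\n".join(inspect(SAMPLE)))
```

A link host that differs from the From domain also turns up in legitimate mail sent through third parties, so treat that finding as a reason to look closer; the document-plus-executable double extension is the stronger signal.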

I don’t work for NACHA or anybody else for that matter; it’s just that con men piss me off.