NACHA Phishing Email

History sure is repeating itself an awful lot lately. In a similar vein to the FDIC Phishing Emails I wrote about the other day, now there are malicious messages that claim to be from NACHA, which contain links to what is very likely some form of virus or spyware.

NACHA is the National Automated Clearing House Association (not to be confused with NACHO, a tasty corn chip-based snack). The organization is involved in networks that handle ACH transactions for financial institutions across the country. Much of what NACHA does is regulatory rather than operational in nature.

Here’s a sample of the email:

From: Information
Sent: Thursday, July 22, 2010 8:27 AM
To: Doe, John
Subject: Unauthorized ACH Transaction

Dear bank account holder,
The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:

Unauthorized ACH Transaction Report

Naturally, the link is fake. In this case it probably executes malicious code on your computer.

Add NACHA to the list with the FDIC and NCUA—none of these organizations ever contacts consumers directly. NACHA doesn’t even handle actual ACH transactions; they’re involved in the setup of the networks that handle them.

It’s important to get in the habit of ignoring email. Even when it’s not phishing or scams, ignoring email is a great way to save time (for example, I almost never open anything with “FW:” in the subject line, because they’re almost always dumb).

But when messages like this arrive, you must make sure to never click on the links, even “just to see.” While many phishing messages take you to pages designed to steal personal information, many (if not most) phishing websites now give you a one-two phishing/malware punch; if they can’t get you to enter your account numbers, at least they can hit your computer with some spyware, which will be loaded and executed before you can even blink.