Warning: NACHA Email Phishing Attacks Target Consumers and Businesses

By Eric Andring, IT Compliance & Risk Manager, Bell State Bank & Trust

National Automated Clearing House Association (NACHA) is a non-profit membership association charged with overseeing the Automated Clearing House (ACH) system, which operates the largest electronic payment network in the world.

NACHA has been the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks have been occurring with greater frequency and increased sophistication. Perpetrators are sending these fraudulent messages to email addresses globally.

These fraudulent emails typically make reference to an ACH transfer, payment, or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient. The source address and contents of these fraudulent emails vary.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Remember not to open attachments or follow Web links in unsolicited emails from the following senders:

  • Unknown senders
  • Senders who do not normally communicate with you
  • Senders who appear to be known but are suspicious or otherwise unusual

If you receive a suspected fraudulent email appearing to come from NACHA, please forward it to abuse@nacha.org to aid in the efforts of security experts and law enforcement officials to pursue the perpetrators. After forwarding the suspected fraudulent messages, the messages should be deleted.

Additional information and guidance for consumers and businesses related to these phishing attacks may be found at www.nacha.org or www.umacha.org.

Leave a Reply




Realize your comments are visible to the world, so avoid sharing your personal account information. Comments that are abusive, unlawful, off-topic, use vulgar or offensive language, include spam, or attacks of any kind will be removed.
Search

Find what you're looking for...