Warning: NACHA Email Phishing Attacks Target Consumers and Businesses
By Eric Andring, IT Compliance & Risk Manager, Bell State Bank & Trust
National Automated Clearing House Association (NACHA) is a non-profit membership association charged with overseeing the Automated Clearing House (ACH) system, which operates the largest electronic payment network in the world.
NACHA has been the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks have been occurring with greater frequency and increased sophistication. Perpetrators are sending these fraudulent messages to email addresses globally.
These fraudulent emails typically make reference to an ACH transfer, payment, or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient. The source address and contents of these fraudulent emails vary.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.
Remember not to open attachments or follow Web links in unsolicited emails from the following senders:
- Unknown senders
- Senders who do not normally communicate with you
- Senders who appear to be known but are suspicious or otherwise unusual
If you receive a suspected fraudulent email appearing to come from NACHA, please forward it to firstname.lastname@example.org to aid in the efforts of security experts and law enforcement officials to pursue the perpetrators. After forwarding the suspected fraudulent messages, the messages should be deleted.
Leave a Reply
Realize your comments are visible to the world, so avoid sharing your personal account information. Comments that are abusive, unlawful, off-topic, use vulgar or offensive language, include spam, or attacks of any kind will be removed.