Warning: Fraudulent Emails Appearing to Come from National Automated Clearing House Association (NACHA)

By Eric Andring, IT Compliance & Risk Manager, Bell State Bank & Trust

National Automated Clearing House Association (NACHA) is a non-profit membership association charged with overseeing the Automated Clearing House (ACH) system, which operates the largest electronic payment network in the world.

Fraudulent emails are circulating on the Internet claiming to be from NACHA. The subject line of the email states: “Unauthorized ACH Transaction.” The email includes a link that redirects the individual to a fake Web page and contains a link which is almost certainly an executable virus with malware harmful to your computer. Do not click on the link. Both the email and the related website are fraudulent.

Sample Email

From: Information

Sent: Thursday, November 22, 2011 8:27 AM

To: Doe, John

Subject: Unauthorized ACH Transaction

Dear bank account holder,

The ACH transaction, recently initiated from your bank account, was rejected by the Electronic Payments Association. Please review the transaction report by clicking the link below:

Unauthorized ACH Transaction Report

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Remember not to open attachments or follow Web links in unsolicited emails from the following senders:

  • Unknown senders
  • Senders who do not normally communicate with you
  • Senders who appear to be known but are suspicious or otherwise unusual

If you receive a suspected fraudulent email appearing to come from NACHA, please forward it to spam@uce.gov and reportphishing@antiphishing.org to aid in the efforts of security experts and law enforcement officials to pursue the perpetrators. After forwarding the suspected fraudulent messages, the messages should be deleted.

Additional information and guidance for consumers and businesses related to these phishing attacks may be found at www.nacha.org.

Leave a Reply

Realize your comments are visible to the world, so avoid sharing your personal account information. Comments that are abusive, unlawful, off-topic, use vulgar or offensive language, include spam, or attacks of any kind will be removed.

Find what you're looking for...