Fraudulent emails are circulating that pretend to be from NACHA, the Electronic Payments Association that oversees the Automated Clearing House (ACH) network, NACHA warned Thursday.
The bogus emails have "Rejected ACH Transaction" in the subject line and include links that redirect recipients to a fake website that appears to be NACHA's. The website contains a link that is "almost certainly" an executable with malware, the association said in its alert
"NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive," the association advised.
The phony emails appear to be the latest spam campaign carrying the Zeus Trojan, Gary Warner, director of research in computer forensics at the University of Alabama, wrote in a blog post about the email scam . The email's message urges the recipient to review the ACH transaction report by clicking on a link, which opens a fake NACHA website and a link for the supposed transaction report.
"The Transaction Report is described on the website as a 'self-extracting, pdf format' file, but is of course really a Zbot infector," Warner said.
The Zeus Trojan , also called Zbot, has been wreaking havoc in recent months by stealing online banking credentials, mainly of small and midsize businesses, which have been victimized by a surge in fraudulent ACH transactions .