New Phishing Scam Targets Electronic Payments Association

The Electronic Payments Association revealed that it has been informed by individuals and companies about a false email pretending to be sent from NACHA (National Automated Clearing House Association, former name of Electronic Payments Association).

The email contains a subject stating: "Unauthorized ACH Transaction" which informs that recently some ACH dealing started from the user's bank account, and has been declined by the Electronic Payment Association. Then the mail requests the recipient to check the transaction, by clicking the provided link.

The provided link directs the recipient to a particular fraudulent web page, which must contain an effecting virus with malware.

NACHA reveals in their website that the email, its text and the associated websites are unauthentic. It also mentions that NACHA neither prepare nor influence the ACH dealings which keep transferring between organizations and financial institutions. NACHA never sends information to users and companies regarding exclusive ACH dealings which they commence or receive.

Beside this, MX Lab (security firm) detected few fake emails meant to target the Electronic Payments Association. One particular email came from a fake web address "Electronic Payments Association <buttesob62@rowan-glen.com>" with the subject "Online Banking Account Alert!"

The email also mentioned that the recipient have to provide verification details if he further wants to operate his account without any problem. It then asks the recipient to clink on a particular link called hxxp://astroereyna.gr/, in order to check and furnish the required details.

Security researchers disclosed while commenting on such email, that users should stay alert about the fact that phishing emails generally contain links to websites which carry malicious code and software. They should never follow any link mentioned on such emails, as these emails are sent from unreliable sources, or sources with whom the recipient never interacts, or emails which look real but seems suspicious.

If ever a user detect or doubt malicious code on his computer, then he should immediately contact some computer security or anti-virus expert, to delete the code or re-install the actual computer operating system.

In addition to this, it is advisable to use anti-virus software all the time and make it sure that the operating systems and other security patches for common software applications are installed and latest.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 8/10/2010