Fact Check

NACHA - ACH Transfer Rejected

E-mailed notification of failed transfer from NACHA.

Published May 31, 2011

Claim:

Phishing bait:   E-mailed notification of failed transfer from NACHA.


Examples:


[Collected via e-mail, August 2011]

ACH Payment Canceled
The ACH transaction, recently initiated from your checking account (by you or any other person), was canceled by the other financial institution.

Rejected transaction
Transaction ID: 2985355
Reason for rejection: See details in the attachment
Transaction Report: report_082011-65.pdf.ZIP (ZIP archive, Adobe PDF)

13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703)561-1100 2011
NACHA - The Electronic Payment Association
 


[Collected via e-mail, August 2011]

The ACH transaction (ID: 14402172), recently initiated from your checking account (by you or any other person), was canceled by the other financial institution.

Rejected transaction
Transaction ID: 8574210513218
Reason for rejection: See details in the attachment
Transaction Report: report_082011-65.pdf.exe (self-extracting archive, Adobe PDF)

13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703)561-1100 2011
NACHA - The Electronic Payment Association"
 


[Collected via e-mail, May 2011]

ACH transfer rejected

From: alert@nacha.org
Subject: ACH transfer rejected
Date: May 25, 2011 6:40 AM

The ACH transaction (ID: 40735080381240), recently initiated from your bank account (by you or any other person), was rejected by the Electronic Payments Association.

Rejected transaction
Transaction ID: 40735080381240
Reason for rejection See details in the report below
Transaction Report report_40735080381240.pdf.exe (self-extracting archive, Adobe PDF)

About NACHA

NACHA advocates the value of the ACH Network and the NACHA Operating Rules to support the ACH Network and preserve the positive attributes of private-sector rulemaking. Activities include the development and communication of messages that define and articulate the value of the ACH Network, ACH payments, and the NACHA Operating Rules through advocacy, education, and other outreach efforts.

More than 18.2 billion ACH payments were made in 2008, an increase of 1.2 billion over 2007. ACH payment volume continues to double every five years. The 2007 Federal Reserve Payments Study revealed ACH payments had the largest compound annual growth rate, 18.6 percent, of all U.S. non-cash payments.

NACHA manages the development, administration, and governance of the ACH Network, the backbone for the electronic movement of money and data. The ACH Network serves as a safe, secure, reliable network for direct consumer, business, and government payments, and annually facilitates billions of payments such as Direct Deposit and Direct Payment.

13450 Sunrise Valley Drive, Suite 100 Herndon, VA 20171 (703) 561-1100

2011 NACHA - The Electronic Payments Association



 

Origins:   As noted in a May 2011 alert from the National Automated Clearing House Association (NACHA), that organization has been the subject of sustained phishing attacks via fraudulent messages purporting to originate with NACHA, such as the bogus "transfer rejected" messages reproduced above. According to NACHA:



Fraudulent Emails Appearing to Come from NACHA Action Requested

NACHA requests that financial institutions, billers, and payment providers ensure that their frontline staff — those who interact with customers — understand the sustained and evolving nature of these attacks. Organizations may wish to consider designating a focal point to coordinate communications and awareness internally and with customers. Kindly instruct customers to forward fraudulent emails they receive that appear to come from NACHA to abuse@nacha.org for analysis.

Further to previous Members Memos and notices made available on our website since February 2011, NACHA has been the victim of sustained and evolving phishing attacks in which consumers and businesses are receiving emails that appear to come from NACHA. The attacks are occurring with greater frequency and increased sophistication. Perpetrators may also be exploiting email addresses recently stolen from Epsilon.

These fraudulent emails typically make reference to an ACH transfer, payment, or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient. The contents of these fraudulent emails vary, with more recent examples including a counterfeit NACHA logo and the citation of NACHA’s physical mailing address and telephone number.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

Caution your customers not to open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom they do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. Direct them to forward suspected fraudulent emails appearing to come from NACHA to abuse@nacha.org to aid in our efforts with security experts and law enforcement officials to pursue the perpetrators.

If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software application security patches are installed and current.


Last updated:   1 September 2011

David Mikkelson founded the site now known as snopes.com back in 1994.