The following is an important update from the NACHA - The Electronics Payment Association
regarding an ongoing e-mail phishing scam.
Further to notices issued on March 11 and February 22, 2011, NACHA – The Electronic
Payments Association has received reports that individuals and/or companies continue
to receive fraudulent emails that have the appearance of having been sent from NACHA.
These emails vary in content and appear to be transmitted from email addresses associated
with the NACHA domain (@nacha.org). Some bear the name of fictitious NACHA employees
NACHA itself does not process nor touch the ACH transactions that flow to and from
organizations and financial institutions. NACHA does not send communications to
persons or organizations about individual ACH transactions that they originate or
Be aware that phishing emails frequently have attachments and/or links to Web pages
that host malicious code and software. Do not open attachments or follow Web links
in unsolicited emails from unknown parties or from parties with whom you do not
normally communicate, or that appear to be known but are suspicious or otherwise
If malicious code is detected or suspected on a computer, consult with a computer
security or anti-virus specialist to remove malicious code or re-install a clean
image of the computer system.
Always use anti-virus software and ensure that the virus signatures are automatically
Ensure that the computer operating systems and common software application security
patches are installed and current.
Additional information and guidance on phishing is available from the Federal Deposit
Insurance Corporation (FDIC).