Suspicious emails from NACHA - beware

[Hereford]

In case anyone else gets an email apparently from NACHA (processing of electronic payments):

We just made an online payment and immediately got an email saying it had been cancelled and "to find out why click on the link to open a file"...

As we had just made a payment I was not at first suspicious but the file would not open (internet speed not fast!) so I stopped and looked at our bank account and it was clear that the payment had not been cancelled.

If you "google" NACHA there is a report on spam emails.  Just delete the email as always.

I have asked my bank (Barclays) how these scammers knew I had made an online payment.  I tried to forward the email but it was undelivered as a virus was found!

Mrs H

[AnOther]

Duplicate post

[AnOther]

Google 'NACHA scam', all will be revealed.

The attachment to the mail had a malicious payload which is why it was bounced, lucky for you you couldn't open it. It's worrying that your own Anti Virus didn't spot it !

Getting the email could have been been nothing more than coincidence, others with no connection to NACHA whatsoever (I've never even heard of it/them) will have received them too.

Either that or your PC is infected with some sort of spyware or trojan which flags up to the scammers that you have used the service and automatically sends you the phishing email [:-))]

Can you make another very small payment somewhere. If you immediately get another email then get your PC disinfected pronto.

[Hereford]

Thanks for thoughts AnOther. My virus checker did not get a chance to detect it as I use webmail and don't download. At least I think that is the explanation...

I have done a full scan from my (business version via son-in-law who works for a software company) antivirus program and no sign of any problems. He will be visiting us next month so will do a real trawl.  Barclays (and the other bank we use in the UK) use card readers which give a one time code to use to log in so are pretty fireproof - not so sure about French accounts though where security seems non existent.  In any case we check all our accounts daily (sad really but now I feel vindicated) so will immediately spot anything untoward.

I am confident that we have got away this time but just shows we should all be alert!  NACHA seem to be in the US and our private email address is "hosted", if that is the right word, in the US and is from a domain name owned by a member of the family- we do not use an ISP address. 

Mrs H