NACHA Phishing Scam
This phishing scam has been widely reported from as far back as Feb 2011. Today I received the email myself. The first warning sign was that there were approximately twenty other email addresses CC'd on the same email all supposedly having the same failed transaction number. Obviously a mistake on the part of the sender. Also the from address didn't bear much relation to the supposed sender. *thi***@sui****.com Opening the email on a "safe" machine I took a look through the source and there was a significant amount of javascript. along with a link to a website in South Africa which is accessed once the "view report" link is clicked. The site is a company site and therefore has likely been compromised and the offending link hidden with a numeric directory name. NACHA have reported this scam and users should not open the link due to it's likelihood to infect the machine. To protect identities, the CC'd addresses, website link and from address have