Home Page »
Online Banking
Education Center > Security > Current Phishing Scams > Fraudulent Phishing Emails Appearing to Come from NACHA

Fraudulent Phishing Emails Appearing to Come from NACHA

THIS “PHISHING” ATTACK IS NOT TARGETED SPECIFICALLY AT SAFE CREDIT UNION NOR IS IT ORIGINATING FROM SAFE CREDIT UNION. THIS IS A BLANKET ATTACK CURRENTLY UNDERWAY ACROSS THE US.

Consumers and businesses, including SAFE members, have been receiving phishing emails that are supposedly originating from NACHA. The phishing attacks are occurring with greater frequency and increased sophistication. The phishing perpetrators may also be exploiting email addresses recently stolen from Epsilon.

These fraudulent emails typically make reference to an ACH transfer, payment (Automatic Clearing House Transfer), or transaction and contain a link or attachment that infects the computer with malicious code when clicked on by the email recipient. The contents of these fraudulent emails vary, with more recent examples including a counterfeit NACHA logo and the citation of NACHA’s physical mailing address and telephone number.

NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to persons or organizations about individual ACH transactions that they originate or receive.

To our knowledge, this event has not had an adverse effect on any SAFE members, however we have received some informational calls and want to caution and educate our members not to open attachments or follow Web links in unsolicited emails from unknown parties or from parties with whom they do not normally communicate, or that appear to be known but are suspicious or otherwise unusual. Forward any suspected fraudulent emails appearing to come from NACHA to abuse@nacha.org to aid in their efforts with security experts and law enforcement officials to pursue the perpetrators. If you have provided ATM or Credit Card information:

Phishing attacks such as this one use virus and/or Trojans to install programs called "key loggers" on your computer. These programs capture and send out any information that you type to the phisher, including credit card numbers, usernames and passwords, Social Security Numbers, etc. In this case, you should:

  • Install and/or update anti-virus and personal firewall software
  • Update all virus definitions and run a full scan
  • Confirm every connection your firewall allows
  • If your system appears to have been compromised, fix it and then change your password again, since you may well have transmitted the new one to the hacker.
  • Check your other accounts! The hackers may have helped themselves to many different accounts: Check your eBay account, PayPal, your email ISP, online bank accounts, online trading accounts, Amazon.com and other e-commerce accounts, and everything else for which you use online password

If you are unsure about any emails, feel you have been affected by this scam or your personal data has been compromised, please contact SAFE's call center immediately at (916) 979-7233 or (800) 733-7233.


Click here
for more information about phishing and how you can avoid the bait!

© SAFE Credit Union. All Rights Reserved.
Protecting your privacy is our top priority. Please refer to our Privacy Statement for more information.