Yes. It's bogus and you should not click on any links or respond to it in any manner.
Still, I have to give the hackers who originated this scam message credit, it's an original approach to what appears to be an attempt to actually install a virus or some spyware onto recipient computers. At this point in time, just about everyone has some sort of automatic payments that they make to pay for bills, mortgage, insurance, or similar. Whether most people know that electronic transactions are paid through a central organization called the NACHA, The Electronic Payments Organization, is another story, but still, it's definitely smart of them to reference the group.
I also received one of these messages and here's what that one said:
The ACH transaction (ID: 0587369056092), recently sent from your checking account (by you or any other person), was rejected by the other financial institution.
Rejected transaction
Transaction ID: 0587369056092
Reason of rejection See details in the report below
Transaction Report report_0587369056092.doc (Microsoft Word Document)
About NACHA
Utilized by all types of financial institutions, the ACH Network is governed by the NACHA Operating Rules, a set of fair and equitable rules that guide risk management and create certainty for all participants. As a not-for-profit association, NACHA represents nearly 11,000 financial institutions via 17 regional payments associations and direct membership. Through its industry councils and forums, NACHA brings together payments system stakeholders to enable innovation that strengthens the industry with creative payment solutions.
The NACHA Operating Rules provide the legal foundation for the exchange of ACH payments and ensure that the ACH Network remains efficient, reliable, and secure for the benefit of all participants. In its role as Network administrator, NACHA manages the rulemaking process and ensures that proposed ACH applications are consistent with the Guiding Principles of the ACH Network. The rulemaking process provides a disciplined, well-defined methodology to propose and develop and propose rules amendments to the NACHA voting membership, the decision makers for the NACHA Operating Rules.
Looks legit, right?
A closer examination of the message reveals a few oddities, though.
The most important one is that there's a ".doc" word file link that is supposed to have the details of the transaction, but examining the link -- rather than clicking on it! -- reveals that it's actually a link to a shortened URL from a ".ie" domain: http://url.ie/dhvfxf
Any time you see a shortened URL of this nature you should run away. That would never be part of a legitimate message from any sort of financial institution, not to mention that it should also be a secure "https" link anyway.
To their credit, url.ie caught this particular problem too and clicking on the shortened URL produces the error "This link (URL) has been blocked for violating our Terms of Service."
The second oddity is the sender's email address:
"The Electronic Payments Association" <bonnierw23@luther.k12.wi.us>
That's clearly impossible. There are no legit NACHA messages originating from a K-12 school in Wisconsin!
Add these two up, sprinkle in a bit of common sense, and it's clearly a scam and is best deleted immediately.
As always, be careful out there.
Sign up for my weekly AskDaveTaylor Newsletter and you'll receive even more tech and gadget help
right to your inbox, along with exclusive news and industry updates. It's good stuff. I promise!
I just got an email from an organization called NACHA that claims I have a failed ACH automatic payment transaction. Well, I do pay some bills through electronic funds transfer, but I'm confused: why wouldn't this message have come from my bank rather than some central organization. Is it a scam?
I, too, have been getting those for quite some time. Lately, I sometimes get a dozen or more a day which make it through my spam filters. (I haven't checked the spam filters to see how many get caught.)
Note that, sometimes, they come from "more legitimate" sounding addresses, such as with a "nacha.org" or "eftps.gov" domain name.
However, even more telling than the URL-shortener is the fact that the attachment is (supposedly) an MS-Word document. I highly doubt that any legitimate service would send anything in such a format, and instead use something like PDF. (Actually, I would expect that they would tell you to log in to your account and check the information there.)
Other times, they include a .zip archive of a supposed PDF file. However, the .zip file actually includes a Windows executable instead.