Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

NACHA payment rejected – malware (not phishing)

Last week we reported about a large outbreak of emails that inform recipients of rejected IRS payments. The IRS theme has now been replaced with NACHA-themed emails that contain virtually identical content – including links to malware executable s that are presented as “self-extracting” PDF files. NACHA manages the development, administration, and governance of the ACH Network which provide for the interbank clearing of electronic payments for participating depository financial institutions.

While researching this attack and the IRS-themed attack it has become apparent that some blogs and security information sources (as well as warnings on the sites themselves) are grouping these attacks with phishing attacks that targeted these organizations in the past. We hope it is clear that the attacks of the past week are not phishing attacks, but rather malware attacks that have a much broader threat potential then phishing aimed at a particular organization.

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...