By far the most common theme for malware emails over the last few weeks has been “interbank payment rejected” or similar. The emails refer to a cancelled or rejected interbank transaction and are alternatively from:
What does any of this have to do with LinkedIn? Not much. But the latest version of the NACHA themed emails features the subject line: “So now you’re on LinkedIn: What’s next?”. This could be:
- designed to increase the open-rate for recipients who might otherwise ignore a “transaction rejected” email
- designed to fool some very primitive spam filter
- a mistake made by the email’s creator
Perhaps the malware distributor who sent this email can enlighten us.
The ACH transaction (ID: 90343675941857), recently initiated from your bank account (by you or any other person), was canceled by the other financial institution.
Transaction ID: 90343675941857
Reason of rejection See details in the report below
Transaction Report report_90343675941857.doc (Microsoft Word Document)
13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171