By far the most common theme for malware emails over the last few weeks has been “interbank payment rejected” or similar. The emails refer to a cancelled or rejected interbank transaction and are alternatively from:
- Electronic Payments Association
- ACH (Automated Clearing House)
- NACHA (National Automated Clearing House Association)
What does any of this have to do with LinkedIn? Not much. But the latest version of the NACHA themed emails features the subject line: “So now you’re on LinkedIn: What’s next?”. This could be:
– designed to increase the open-rate for recipients who might otherwise ignore a “transaction rejected” email
– designed to fool some very primitive spam filter
– a mistake made by the email’s creator
Perhaps the malware distributor who sent this email can enlighten us.
The ACH transaction (ID: 90343675941857), recently initiated from your bank account (by you or any other person), was canceled by the other financial institution.
Transaction ID: 90343675941857
Reason of rejection See details in the report below
Transaction Report report_90343675941857.doc (Microsoft Word Document)
13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171