Sponsored by..

Tuesday 23 October 2012

NACHA spam / bwdlpjvehrka.ddns.info

This fake NACHA spam leads to malware on bwdlpjvehrka.ddns.info:

Date:      Tue, 23 Oct 2012 05:44:05 +0200
From:      "noreply@direct.nacha.org"
Subject:      Notification about the rejected Direct Deposit payment

Herewith we are informing you, that your most recent Direct Deposit via ACH transaction (#914555512836) was cancelled, due to your current Direct Deposit software being out of date. Please use the link below to enter the secure section of our web site and see the details::


Please contact your financial institution to acquire the new version of the software.

Sincerely yours

ACH Network Rules Department
NACHA | The Electronic Payments Association

13450 Sunrise Valley Drive, Suite 100
Herndon, VA 20171
Phone: 703-561-1100 Fax: 703-787-0996
The malicious payload is at [donotclick]bwdlpjvehrka.ddns.info/links/calls_already_stopping.php hosted on (TheFirst-RU, Russia). Blocking this IP address would be a good move.

No comments: