
Beware of Email “Urgent notice about your electronic payments”

Hopefully more and more people are catching on, but please, do NOT believe emails like this. This email and its linked site are a scam, and they are hoping I will bite so they can phish my account and information. Since I don’t have a business account, obviously (for me) this is a scam. If you do have business accounts, just contact your bank, or software company, directly. It’s worth noting that the actual automatic deposit transaction is handled on the banking end, so if you use a payroll software to authorize paychecks, being out of date means it’s just out of date. It will still work. Your software should notify you with those annoying pop-ups when it needs some attention, not an email like this.

Sadly, most people that are reading this already know to trash these emails. It is the non-internet-savvy people that take the bait – hook, line and sinker. If you know anyone like that, please just talk to them and find out if they’re aware of emails like this. The elderly are especially susceptible.


Since this isn’t the first time I have received this email, I decided to do a bit of searching of the address listed in the email:

ACH Network Rules Department
NACHA | The Electronic Payments Association

16353 Sunrise Valley Drive, Suite 474
Herndon, VA 28727
Phone: 703-359-0738 Fax: 703-005-2904

There were a few sites discussing this email which apparently started appearing back in 2011. Possibly longer, but I didn’t read every search result. Just a few sites I’m familiar with, and that my security system approves. The info I found says the following:

ACH stands for Automated Clearing House, a federally regulated network that allows U.S. financial institutions to electronically send money back and forth. The network is governed by the National Automated Clearing House Association (NACHA) – operated by the Federal Reserve and Electronic Payments Network. (link)

I decided to post about this email after I studied it a bit more this time and realized that it had actually been very well devised. First, this scammer is using a legitimate company’s name, and to some people that’s good enough. They even went so far as to provide a “From” name that could very well be a subdomain of the NACHA site (which is legit). Anything may be entered in the “From” field… Tweedle Dee, Alice, White Rabbit… But the actual address it was sent from shows in the email, and it definitely is NOT from NACHA. In fact, the email appears to originate from Germany, although I doubt the actual scammer is there.

Secondly, the actual wording doesn’t give the typical red flags that scammers do, which are, for example, “download this software” or “use this link to fill out our official form” and so on. In fact, the email specifically says to contact your financial institution. But right before that is a link you can use to go get the details since most people would want to have the specific details on hand when they do call their bank. Who knows what lies on the other end of that link.
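The two giveaways described above (a "From" name that imitates the organization while the real address sits on another domain, and a link that leads somewhere else) can be checked mechanically. This is an added example, not part of the original post: the sample message is constructed, `nacha.org` is assumed to be the legitimate domain, the helper names are hypothetical, and only a single-part HTML body is handled.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: every address and URL below is a placeholder.
SAMPLE = '''From: "alerts.nacha.org" <info@mailer.example.de>
Subject: Urgent notice about your electronic payments
Content-Type: text/html

<p>Your ACH transaction was rejected. See the details at
<a href="http://reports.example.net/ach">https://www.nacha.org/report</a>
or contact your financial institution.</p>
'''

class Links(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.found, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.found.append((self._href, "".join(self._text).strip()))
            self._href = None

def in_domain(host, domain):
    # Exact match or true subdomain; "evilnacha.org" must not pass.
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, brand_domain):
    """Return findings for a message that presents itself as brand_domain."""
    msg, findings = message_from_string(raw), []
    display, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    brand = brand_domain.split(".")[0]
    if brand in display.lower() and not in_domain(sender, brand_domain):
        findings.append(f"From name {display!r} but real sender is {sender}")
    parser = Links()
    parser.feed(msg.get_payload())
    for href, text in parser.found:
        host = urlsplit(href).hostname
        if not in_domain(host, brand_domain):
            findings.append(f"link text {text!r} leads to {host}")
    return findings

print("\n".join(check_message(SAMPLE, "nacha.org")))
```
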

So, please, make sure the people you know who do not have strong email/internet knowledge know not to click any link or attachment in an email when they have no idea who it’s from. The world will not stop rotating if anyone holds off opening an email or clicking a link until they’ve done more research.

In fact, I finally “trained” my housemate not to even open an email she doesn’t recognize. Let me know and I’ll check it out. She’s quite a bit older than I am and her computer/internet skills are very minimal. I have no doubt she would have clicked on this link had she received it before I gave her an email scam lecture. LOL… I even installed the same security system I use and when it detects something really bad, it will make a horribly loud, ear-piercing tone while flashing a red notification. It’s impossible to miss it (yeah, I’ve been to a few sites I shouldn’t have – by my choice – and it let me know). So if I ever hear that noise from her office followed by a scream, I’ll know what happened.


  1. FYI there is one out there about a Hallmark card that has a nasty virus with it. I don’t have any details, just thought I would pass the info along. Have a good day.

  2. Oh yes, I’ve received this one. It was an obvious fraud to me, but I suspect that a lot of folks who do internet banking and bill paying might be caught off guard by it. Sending it to me was a waste of their time. If they are phishing in this pond, they’re using the wrong bait. As you must know by now, I’m a heathen rascal, and would be easy enough to catch if the trap had been baited and set properly.

    BTW Mary, The “Hallmark” virus was a threat some years ago, and the warnings about it circulate constantly. I get a notification from somebody about it at least 2 or 3 times a month. I think that one has played out, but I’d still not open anything like it.

    There should be some kind of investigation service that knows how to provide these bandits with the appropriate “Does not play well with others” tag. If it were up to me, I’d declare them all deserving to become dog food. Do you ever wonder if…never mind. Merry Christmas.

    • Oh, yeah. Those of us who are web-geeks can easily spot them. But last night, I read it a bit more closely and paid attention to the “little” things and realized for a scam artist email, they’ve done a pretty good job! In fact, the only obvious giveaway was the actual email which came from a .de domain. Naturally since I don’t have accounts like this, plus I know this is not proper procedure for auto deposits, I knew it was a scam from the get-go. LOL… especially because google put it in my spam folder with that big red ribbon with the warning in it. That’s a “no-duh.” Anyway…. before I gave my email/scam/malware lecture, my housemate, Lyn, most likely would have clicked that link just to see what’s going on. Now she knows I’ll chop her hands off if she does anything like that.

      There are a few other similar versions which don’t specifically say “business account.” It just says automatic payment didn’t go through, but doesn’t indicate whether a deposit or auto payment. I could see so many elderly people who grew up in a different world with different values think that it’s legit.

      I am still rather impressed with it. Best I’ve seen come through.

  3. I get this a lot, but lately the usual spam, pharmacy and fake watches ads are less, with these and other payment being more prominent. But being vigilant is important, along with having a good spam filter (I have seen the prefilter stuff, it is 500:1 dumped before I see it) along with a good set of rules for deleting mail for known spammy senders. Not using IE as the default web browser also helps, along with using the good addons.

    • Yeah, I have an old yahoo that I don’t use, but it’s still up as I have a few accounts with it and have just been too lazy to change to my gmail. And I get all kinds of crap, pharmacy links, etc. in yahoo. Now my gmail has an excellent filter. This one was in my gmail and that’s very rare. Every once in a while gmail puts a legit email in my spam so I typically check before I delete.

      • Gmail can automatically import the mail from the Yahoo (or Hotmail) account and present it all in one convenient box for you.

        • Thanks, but I would rather get rid of it. Too much spam and my yahoo is constantly being used to send spam. LOL… I send myself Canadian pharmacy links all the time. I just need to figure out which accounts still show yahoo and make those changes.
