ACH Leads to Fake Java Update

 Analysis by: Dhan Praga

Targeted spam runs are attacks destined for one specific organization or industry. Recently, TrendLabs received a large volume of targeted attacks from {BLOCKED} Nacha (National Automated Clearing House Association) is an organization that develops electronic solutions for the ACH payment system in United States.

The email message indicates a transaction from ACH has been cancelled and would like the user to click the link to view the details. Upon clicking the link, it redirects the user to a site that allows the download of a fake Java update.

Users are advised to be vigilant when it comes to opening email messages even if it comes from a known source.

 SPAM BLOCKING DATE / TIME: February 23, 2011 GMT-8
  • ENGINE:6.5
  • PATTERN:7974