However, it’s critical that you educate yourself on fraud and phishing in order to increase your online security: millions of fraudulent emails are sent daily, and even the most discerning consumer can be fooled by an expert scam. Our educational resources and consumer protection guidelines help you understand what we’re doing to protect you, as well as providing resources for identifying phishing.
Financial institutions, businesses and individuals can all benefit from using the ACH Network for Direct Deposit and Direct Payment via ACH. By automating your payments and using our secure system, you avoid the risks and hassle associated with paper checks.
Phishing scams are typically fraudulent emails that appear to come from legitimate sources. Those emails, and the people behind the scam, attempt to steal your personal information: the email might request a password, account numbers, a social security number or other information to be used in identity theft.
Fraudulent emails also often contain attachments or links to phony websites. Clicking on either can infect your computer with malware, giving the perpetrator access to your usernames, passwords or other private data.
Keep in mind that NACHA does not send communications of any type to persons or organizations about individual ACH transactions that they originate or receive. We maintain a high level of security by actively investigating phishing and fraud, and we partner with our members to uncover new scams.
Knowing how to identify a fraudulent email or website is the first step in protecting yourself against phishing. These scams can be extremely sophisticated, using legitimate company information and visuals to trick you into believing the email or website is affiliated with NACHA. Familiarize yourself with common elements of phishing:
Unauthenticated email address: Because addresses can be spoofed, it’s up to you to authenticate the legitimacy of the sender. Some internet service providers have stronger spam filters than others, helping you ensure that the address is actually from the authentic IP address it purports to have.
Typos and grammatical mistakes: Fraudulent emails often insert spelling or grammar errors in order to bypass email filters.
Awkward greeting: The email may not refer to you by name.
Sense of urgency: Many phishing emails rely on compelling language, encouraging you to take action immediately for the sake of your own security.
Randomly generated numbers: The email may have seemingly specific account numbers in order to create a sense of uniqueness and legitimacy.
Links: As mentioned, numerous phishing emails rely on external links. When you roll your mouse over the link, without clicking, it may say one thing in print but have a link source code pointing to an entirely different website.
Company logos: Fraudulent emails often contain authentic business logos, addresses and phone numbers to trick you into taking them seriously.
To avoid identity theft, do not open suspicious emails or emails from unknown parties. If you do open an email, avoid any links, attachments, photos or graphics that you can’t verify as being from NACHA. If you suspect you’ve received a fraudulent email portending to be from NACHA, forward that email to email@example.com.
For further information on protecting yourself from phishing and fraud, as well as advice on what to do if your computer is infected with malware, use the resources below.