The most prominent example of the malware-loaded spam wave this month impersonates the Automated Clearing House (ACH), a US-based financial service offered by NACHA. The message looks pretty convincing, as the spam samples we investigated have been tampered with to appear as if they had been set from a @nacha.org e-mail account. Attached to the message is a zip archive purportedly detailing the failed transaction, which the user is advised to review. However, the file inside bears a double extension (pdf.exe), so even if it looks like a PDF file, it is actually an executable file.”]

