>>> On 6/3/2013 at 6:08 AM, Axb <axb.li...@gmail.com> wrote: > On 06/03/2013 12:04 PM, Joe Acquisto-j4 wrote: >>>>> On 6/2/2013 at 12:30 PM, Wolfgang Zeikat <wolfgang.zei...@desy.de> wrote: >>> In an older episode, on 2013-06-02 16:16, David F. Skoll wrote: >>> >>>> 3) Envelope sender is in the nacha.org domain >>> >>> 2 days ago, we received hundreds of mails with that envelope sender >>> domain containing malware like >>> Case_05312013_28192.exe extracted from the attachment Case_3375975.zip >>> >>> And currently, hundreds of mails with said sender domain are being >>> rejected here due to RBLs. >>> >>> Regards, >>> >>> wolfgang >> >> What's interesting to me is that nacha is the "standards" (my term) > association (www.nacha.org) for ach (the automated check clearing house) > which does such things as direct deposit and other transactions. >> >> They offer ab...@nacha.org >> >> joe a. >> > > As they're all using forged senders/HELOs, pretty pointless to hammer an > abuse@ desk with such issues. It's not Nacha spamming...
Right. Just thought they might want to take action on their own based on some samples. Still early where I am. joe a.
