According to NetworkWorld, a new spam campaign originating from the Pushdo botnet is targeting the National Automated Clearing House Association, a financial transfer system that handles trillions of dollars in transactions annually.
The spam messages purporting to be from the association contain a link to a fake Web site that looks like association's. Visitors are instructed to download a PDF file that is actually an executable known as Zeus. This piece of malware can harvest the authentication details required to initiate a transaction.
The association reminds users:
NACHA does not send communications to individuals or organizations about individual ... transactions that they originate or receive.