Phishing email with package

[Ink]

Today I was buying an item from an online store, but the operation timed out. So to avoid any unnecessary purchases I left it, in case it did get processed.

Went out for a few hours and got caught in traffic due to a light-aircraft crash causing a delay, in which I waited 90 minutes doing ~22mph.

Get back to check my email and notice an email in the Spam:

ACH transfer (ID:xxxxxxxxxx) is going to be reviewed because of the incorrectly input data 
when sending the payment. 

Important: 
Please, fill in the application form attached attentively and send it to us. 
After that your transfer will be processed. 

If you have any questions or comments, contact us at info@nacha.org. 
Thank you for using www.nacha.org 

Cathy McNickle 
NACHA Risk Management Services

At the bottom of the email is an attachment:

Name: form-62
Size: 13K

Google doesn't say what the file is, but it turns out to be .zip. Without extracting the contents, 7-Zip displays a form-62091.exe

I upload the .zip directly to VirusTotal:

http://www.virustotal.com/file-scan/report.html?id=22c94cd6379c0bf453bf175b55337f7c397889a5e19174efd33f03f0941504b5-1314984993

Reported email as Phishing in Gmail.

 

[Jack]

+1 to gmail for putting this email in the spam category.I've never received a email with a malicious attachment and like you I would most likely immediately know that is a dangerous download but with so many security newbies which lack common sense I can bet that this malware was run by some people in this world.
The malware threat is pretty new since it was detected by all the 10 vendors as a generic virus.
I can't understand how this guys manage to get your email if you were on a reputable online store.. :dodgy:

 

[Deleted member 178]

I can't understand how this guys manage to get your email if you were on a reputable online store.. :dodgy:

trust no one specialy employee of stores.