The U.S. Financial Industry Regulatory Authority (FINRA) has issued a notice warning member brokerage firms of widespread phishing attacks using surveys to harvest information.
FINRA is a non-profit organization and self-regulatory body authorized by the U.S. government to regulate exchange markets and brokerage firms.
According to FINRA, the organization supervises over 624,000 brokers across the country and examines billions of market events each day.
The financial industry regulator said that the phishing messages are being sent from a fake FINRA domain and made to look like they were being sent by FINRA.
Member firms are asked to fill a survey by October 13, with the information needed to FINRA would need to “update its conduct and supervisory rules.”
“The email was sent from the domain ‘@regulation-finra.org’ and was preceded by ‘info’ followed by a number, e.g., info5@regulation-finra.org,” the regulator said.
Also Read: Data Protection Authority GDPR: Everything You Need To Know
“FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.”
Since the regulation-finra.org domain is not connected in any way with FINRA, member firms are urged to immediately delete any and all emails they received from this domain.
FINRA has also requested NameCheap, the Internet domain registrar used to register this domain four days ago, to suspend services for regulation-finra.org.
“FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links,” the notice adds.
During August, FINRA warned members of attackers using registered brokers’ info to create convincing phishing sites.
Another alert issued the same month notified of threat actors using copycat site hosted at finnra[.]org with a registration form used to collect personal information that could later be used in spear-phishing attacks targeting FINRA members.
The regulator issued another security alert in May warning of a “widespread, ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA officers,” including but not limited to Josh Drobnyk and Bill Wollman, two of the non-profit’s vice-presidents.
Last year, FINRA also published a notice to inform of fraudulent emails targeting members using a USA Patriot Act provision relating to the ability of financial organizations to share info for additional authenticity.
Also Read: Website Ownership Laws: Your Rights And What These Protect
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.
