The Financial Industry Regulatory Authority has issued recent cybersecurity alerts to its member firms warning them to beware of attempted phishing attacks, ThinkAdvisor reports.
On April 25, FINRA alerted firms to a fraudulent campaign using the domain name “@claims-finra.org”. Two days later, a second alert warned of a potentially related phishing attack also purporting to be from FINRA. “This new attack may use the same FINRA staff person’s name as the prior attack and may look like it was sent from that staff member’s “finra.org” email address”, the authority said.
According to the alert, recipients may be asked to click on a “View Request” button which generates an email addressed to the “@claims-finra.org” domain. The authority points out that the domain “claims-finra.org” is not connected to FINRA, and advises recipients of the attack not to click on the “View Request” button and to delete all e-mails from that domain name. FINRA said it is working to have the Internet domain registrar suspend services for “@claims-finra.org.”
The latest alert contained a sample of the phishing attack email addressed to recipients, which states: “Please find the request for firm name. The Secretary of State has requested that you provide a “signed” response to the request. Kindly view the request and respond with the required information As instructed in the letter, I will keep this request open until Friday 04/29/22.”
FINRA also reminded firms to make sure any suspicious email is legitimate before responding to it, opening any attachments or clicking on any embedded links.
Firms seeking more information were advised to review FINRA’s Cybersecurity Topic Page.
The attorneys at Lewitas Hyman fully understand the regulatory scrutiny financial professionals and their firms face from the various regulators that oversee the financial services industry. We have decades of experience representing clients with respect to examinations, investigations and enforcement proceedings initiated by the SEC, FINRA, state securities regulatory agencies and other self-regulatory organizations. If your firm is facing an investigation from a regulatory agency, please contact Lewitas Hyman at (888) 655 6002 or through our online contact form.