Ongoing Phishing Scam Impersonating FINRA

by: Align on Oct, 15, 2020 | 0 Comments
 hero Image

The U.S. Financial Industry Regulatory Authority (FINRA) issued a Regulatory Notice (“Notice”) warning member firms of a phishing email impersonating the organization. 

We have summarized key points from the Notice below.

Phishing-Scam-Impersonating-FINRA

In the announcement, FINRA warns of a spike in fraudulent emails targeting registrants, asking firms to complete a questionnaire. 

Recommendations 

The organization then outlines several observations and considerations for broker-dealers and investment firms, including:

  • The email’s sender name begins with “info” followed by a number and the domain “@regulation-finra.org.” For example, info8@regulation-finra.org
  • The email source is not connected to FINRA.
  • Member firms should delete all communications originating from the aforementioned domain name.
  • Do not click on suspicious links in digital communications. 
  • Further questions regarding this Notice should be directed to FINRA. For contact details, see here: https://www.finra.org/rules-guidance/notices/20-35 

Align’s Take

To help prevent broker-dealers and investment firms from falling victim to cyber scams, we offer the following guidelines and resources:

  • Align’s Managed Services team has designed an industry-specific Security Awareness Training program that incorporates phishing campaigns and simulates cyber-attacks, such as phishing emails, to help broker-dealers and investment firms identify and thwart social engineering scams.
  • Approach emails with extreme caution, especially those that convey urgency, ask you to download something, or immediately perform an action.
  • Always examine the “from” field in emails to check for a questionable address.
  • Never click on a link without hovering first and verifying its legitimacy. 
  • If you believe you are a victim of this scam, we recommend contacting your managed services provider (MSP) or IT provider.

Do you have further questions or cybersecurity concerns?

For Align Managed Services customers, we advise you to contact your account manager, Abe Thomas, at athomas@align.com or call +1 212-546-6124.

For all other clients and colleagues, Align recommends reaching out to John Araneo at cyber@align.com or via phone at +1 212-844-4030.

Alternatively, feel free to contact us here or by clicking on the button below. To learn more about Align's Cybersecurity Advisory Practice, visit here


Reach Out Here

 

Tags: Cybersecurity, Managed Services

Related Articles

 
SEC Issues Cybersecurity Risk Alert on Compromised Credentials

Cybersecurity

SEC Issues Cybersecurity Risk Alert on Compromised Credentials

This is Fourth (4th) Risk Alert of 2020 Released by the SEC OCIE On September 15, the U.S.

Read More >