October 15, 2020

Ongoing Phishing Scam Impersonating FINRA

by: Align

The U.S. Financial Industry Regulatory Authority (FINRA) issued a Regulatory Notice (“Notice”) warning member firms of a phishing email impersonating the organization. 

We have summarized key points from the Notice below.

Phishing-Scam-Impersonating-FINRA

In the announcement, FINRA warns of a spike in fraudulent emails targeting registrants, asking firms to complete a questionnaire. 

Recommendations 

The organization then outlines several observations and considerations for broker-dealers and investment firms, including:

  • The email’s sender name begins with “info” followed by a number and the domain “@regulation-finra.org.” For example, info8@regulation-finra.org
  • The email source is not connected to FINRA.
  • Member firms should delete all communications originating from the aforementioned domain name.
  • Do not click on suspicious links in digital communications. 
  • Further questions regarding this Notice should be directed to FINRA. For contact details, see here: https://www.finra.org/rules-guidance/notices/20-35 

Align’s Take

To help prevent broker-dealers and investment firms from falling victim to cyber scams, we offer the following guidelines and resources:

  • Align’s Managed Services team has designed an industry-specific Security Awareness Training program that incorporates phishing campaigns and simulates cyber-attacks, such as phishing emails, to help broker-dealers and investment firms identify and thwart social engineering scams.
  • Approach emails with extreme caution, especially those that convey urgency, ask you to download something, or immediately perform an action.
  • Always examine the “from” field in emails to check for a questionable address.
  • Never click on a link without hovering first and verifying its legitimacy. 
  • If you believe you are a victim of this scam, we recommend contacting your managed services provider (MSP) or IT provider.

Do you have further questions or cybersecurity concerns?

For Align Managed Services customers, we advise you to contact your account manager, Abe Thomas, at athomas@align.com or call +1 212-546-6124.

For all other clients and colleagues, Align recommends reaching out to John Araneo at cyber@align.com or via phone at +1 212-844-4030.

Alternatively, feel free to contact us here or by clicking on the button below. To learn more about Align's Cybersecurity Advisory Practice, visit here


Reach Out Here

 

Continue Reading

Related Articles

★★★★★

“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC