The U.S. Financial Industry Regulatory Authority (FINRA) has released a notice warning member brokerage firms of widespread phishing attacks using data harvesting surveys.
FINRA is a non-profit corporation and self-regulatory agency authorized by the U.S. government to oversee exchange markets and trading companies.
The organization oversees over 624,000 brokers across the country, according to FINRA, and examines billions of market events each day.
Phishing attempts sent from fake FINRA email addresses
The financial industry regulator said that the phishing messages were sent from a fake FINRA domain and made to look as though FINRA had sent them.
The emails ask member firms to fill out the survey by 13 October, claiming the information is necessary for FINRA to “update its conduct and supervisory rules.”
“The email was sent from the ‘@regulation-finra.org’ domain and was preceded by ‘info’ followed by a number, e.g., firstname.lastname@example.org,” said the regulator.
“FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.”
Sample Phishing Email (FINRA)
As the regulation-finra.org domain is not related to FINRA in any way, member companies are advised to remove any and all emails they have received from this domain immediately.
FINRA also demanded that NameCheap, the Internet domain registrar used four days ago to register regulation-finra.org, suspend services for the domain.
“FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links,” the notice states.
Previous phishing notices
In August, FINRA warned members of attackers using the details of registered brokers to build persuasive phishing sites.
Another warning issued the same month notified members that threat actors were using a copycat site hosted at finnra[.]org with a registration form used to collect personal information that could later be used to target FINRA members in spear-phishing attacks.
In May, the regulator issued another security alert warning of a ‘widespread, ongoing phishing campaign involving fraudulent emails purporting to be from FINRA officers,’ including but not limited to two of the non-profit’s vice presidents, Josh Drobnyk and Bill Wollman.
FINRA also released a notice last year alerting members to fraudulent emails that cited a provision of the USA Patriot Act, concerning the ability of financial organizations to share information, to lend themselves additional authenticity.
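Both regulation-finra.org and finnra[.]org imitate finra.org, one by embedding the brand in a hyphenated label and the other by a one-character misspelling. The following is an added example, not code from FINRA or from the original article, of how a mail filter could flag both patterns in sender addresses. The sample addresses, the local part "sender" and the subdomain mail.finra.org are constructed assumptions.

```python
import re

LEGIT = "finra.org"   # the regulator's real domain
BRAND = "finra"       # label the phishing domains imitate

def refang(domain):
    """Normalise a defanged indicator such as finnra[.]org."""
    return domain.replace("[.]", ".").strip().lower().rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1,
                           prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address):
    """Classify the domain of a From address relative to finra.org."""
    domain = refang(address.rsplit("@", 1)[-1])
    if domain == LEGIT or domain.endswith("." + LEGIT):
        return "legitimate"
    # Split on dots, hyphens and underscores: "regulation-finra" yields "finra".
    tokens = [t for t in re.split(r"[.\-_]", domain) if t]
    if BRAND in tokens:
        return "brand-in-label"      # pattern of regulation-finra.org
    if any(edit_distance(t, BRAND) == 1 for t in tokens):
        return "typosquat"           # pattern of finnra[.]org
    return "unrelated"

def triage(addresses):
    """Return the addresses a filter should quarantine, with the reason."""
    flagged = {}
    for addr in addresses:
        verdict = classify_sender(addr)
        if verdict in ("brand-in-label", "typosquat"):
            flagged[addr] = verdict
    return flagged

# Constructed sample senders (local part and mail.finra.org are assumptions).
SAMPLES = ["sender@finra.org", "sender@mail.finra.org",
           "sender@regulation-finra.org", "sender@finnra[.]org",
           "sender@example.com"]

if __name__ == "__main__":
    for addr, verdict in triage(SAMPLES).items():
        print(f"{verdict:15} {addr}")
```

This inspects only the domain in the From address; mail that forges finra.org itself has to be caught by SPF, DKIM and DMARC checks instead.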