FINRA Phishing Campaign
NJCCIC Alert
Original Release Date: 3/11/2021
Summary
The US Financial Industry Regulatory Authority (FINRA) issued several warnings of regulatory notices in the last year, with the latest notifying of an ongoing phishing campaign targeting US brokers and brokerage firms. Threat actors are using the spoofed domain, finra-online[.]com, to send fraudulent compliance audit alerts and harvest information. The phishing email requests an immediate response to an issue of regulatory non-compliance and requests the target to click on a link or document. FINRA advises the deletion of all emails originating from this spoofed domain name.
Recommendations
The NJCCIC recommends users and organizations educate themselves and others on these continuing threats and tactics to reduce victimization. Users are advised to navigate directly to authentic vendor websites, confirm the legitimacy of a request via an alternate means of communications, keep applications up to date, and enable multi-factor authentication where available. More information can be found in the FINRA notice and Bleeping Computer article.
The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
View our Privacy Policy here.
View our Site Index here.