Finra caught up in email phishing scheme

Finra caught up in email phishing scheme
A new cybersecurity alert warns member firms to be wary of fraudulent messages impersonating key members of the regulator’s leadership.
APR 05, 2024

Finra has issued a cybersecurity alert to its member firms warning of an ongoing phishing campaign that impersonates two key members of the organization's leadership.

The fraudulent scheme, which the Financial Industry Regulatory Authority Inc. says impacts all firms, involves emails falsely claiming to be from executives at the industry regulator, using the deceptive email addresses “[email protected]” and “[email protected].”

According to the alert, these email addresses, along with the domain “data-finra.org,” are not associated with Finra, and recipients are advised to immediately delete any emails received from these domains.

Utilizing a classic social engineering ploy appealing to actual authorities, the bogus emails purport to come from members of Finra’s leadership, including Steve Randich, executive vice president and chief information officer of Finra, and Robert L.D. Colby, its chief legal officer.

The phishing messages are also crafted to evoke a sense of urgency, claiming multiple attempts have been made to contact the target “to deliver a notice that requires your attention.” That’s on top of vague tags simply highlighting the notice as “confidential” with a “Due Date” of April 15, 2024.

The fraudulent communication includes a file labeled “Finra [FIRM NAME]_Disclosure290124.pdf,” with a request to “complete the request at your earliest convenience.”

In response to this phishing campaign, Finra has reminded firms to maintain good cybersecurity practices and verify the legitimacy of any suspicious email before engaging with its content, including responding, opening any attachments, or clicking on embedded links.

Finra has also reached out to the registrars behind the fake “data-finra.org” Internet domain, asking for its suspension. To help address cybersecurity threats, Finra is urging member firms to contact its cyber and analytics unit for guidance, and promptly report incidents to the FBI’s Internet Crime Complaint Center or the Cybersecurity and Infrastructure Security Agency via its 24/7 Operations Center.

Younger generations are more interested in impact investing than ever. Here's why

Latest News

'Bogged down' advisors just want to have fun (again)
'Bogged down' advisors just want to have fun (again)

Jim Cahn, of Wealth Enhancement Group, lifts the lid on his firm's partnership model, his views on RIA M&A, and the widely slept-on reason why advisors are merging into larger organizations.

Vestwell unveils new emergency savings account offering
Vestwell unveils new emergency savings account offering

The fintech firm is cementing its status in the workplace savings space with its latest ESA offering, which employers can integrate into their existing benefits package.

'Money Mimosas' and other ways to show your Valentine financial love
'Money Mimosas' and other ways to show your Valentine financial love

Wealth managers offer unique ideas for couples to grow closer emotionally and financially.

Limra research finds financial confidence on the rise among Black American workers
Limra research finds financial confidence on the rise among Black American workers

Survey findings suggest increased sense of financial security and more optimistic 2025 outlook, while highlighting employers' role in ensuring retirement readiness.

DOGE efforts sideswipe muni bonds backed by federal lease payments
DOGE efforts sideswipe muni bonds backed by federal lease payments

Falling prices for some securities within the $4 trillion state and local government debt market spotlight how the push to shrink spending is sending shockwaves across the US.

SPONSORED Record growth: Interval funds emerge as key players in alternative investments

Blue Vault Alts Summit highlights the role of liquidity-focused funds in reshaping advisor strategies

SPONSORED Taylor Matthews on what's behind Farther's rapid growth

From 'no clients' to reshaping wealth management, Farther blends tech and trust to deliver family-office experience at scale.