Finra caught up in email phishing scheme

Finra caught up in email phishing scheme
A new cybersecurity alert warns member firms to be wary of fraudulent messages impersonating key members of the regulator’s leadership.
APR 05, 2024

Finra has issued a cybersecurity alert to its member firms warning of an ongoing phishing campaign that impersonates two key members of the organization's leadership.

The fraudulent scheme, which the Financial Industry Regulatory Authority Inc. says impacts all firms, involves emails falsely claiming to be from executives at the industry regulator, using the deceptive email addresses “[email protected]” and “[email protected].”

According to the alert, these email addresses, along with the domain “data-finra.org,” are not associated with Finra, and recipients are advised to immediately delete any emails received from these domains.

Utilizing a classic social engineering ploy appealing to actual authorities, the bogus emails purport to come from members of Finra’s leadership, including Steve Randich, executive vice president and chief information officer of Finra, and Robert L.D. Colby, its chief legal officer.

The phishing messages are also crafted to evoke a sense of urgency, claiming multiple attempts have been made to contact the target “to deliver a notice that requires your attention.” That’s on top of vague tags simply highlighting the notice as “confidential” with a “Due Date” of April 15, 2024.

The fraudulent communication includes a file labeled “Finra [FIRM NAME]_Disclosure290124.pdf,” with a request to “complete the request at your earliest convenience.”

In response to this phishing campaign, Finra has reminded firms to maintain good cybersecurity practices and verify the legitimacy of any suspicious email before engaging with its content, including responding, opening any attachments, or clicking on embedded links.

Finra has also reached out to the registrars behind the fake “data-finra.org” Internet domain, asking for its suspension. To help address cybersecurity threats, Finra is urging member firms to contact its cyber and analytics unit for guidance, and promptly report incidents to the FBI’s Internet Crime Complaint Center or the Cybersecurity and Infrastructure Security Agency via its 24/7 Operations Center.

Younger generations are more interested in impact investing than ever. Here's why

More goRIA

Focus Financial Network plants East Coast flag with Morgan Stanley breakaway
Focus Financial Network plants East Coast flag with Morgan Stanley breakaway

The Minneapolis-based hybrid RIA opens its first office outside the Midwest as advisor Jennifer McDonald departs Morgan Stanley.

Going RIA helped create a true multi-family office experience for my UHNW clients, says advisor
Going RIA helped create a true multi-family office experience for my UHNW clients, says advisor

"I wanted to operate in a structure where fiduciary duty applies to every client interaction," said Brett Cohen, managing partner at Evolve Private Wealth.

Celebrating 250! More advisors discuss what going independent really taught them
Celebrating 250! More advisors discuss what going independent really taught them

On America's 250th birthday, four advisors who left wirehouses and major banks reflect on conviction, technology freedom, and clients who celebrated their leap.

Celebrating 250! Advisors who went independent share what the leap actually taught them
Celebrating 250! Advisors who went independent share what the leap actually taught them

Three advisors who left wirehouses and broker-dealers say the hardest part wasn't the client conversation — it was everything they didn't expect

EP Wealth launches cash incentive plan tied to firm valuation
EP Wealth launches cash incentive plan tied to firm valuation

CEO Ryan Parker says the program supports EP in the industry's "war for talent."

SPONSORED Who builds the income when the pension disappears?

Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income

SPONSORED Why direct indexing stopped being optional

Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.