RIAs and other financial service firms have been targeted in a phishing campaign of fraudulent emails claiming to be from David Bottom, chief information officer for the Securities and Exchange Commision (SEC). Compliance consultancy ACA Group told InvesmentNews that four of its clients reported receiving the emails since Monday, June 23, and all recipients were compliance executives at financial firms.
ACA Group shared a copy of the emails, which include the SEC’s Washington, D.C., headquarters in its signature alongside Bottom’s name and title. The sender’s email address is listed as “[email protected][.]com” which ACA Group says is commonly used in phishing attacks. The emails ask advisors to reply and confirm their email addresses, according to a screenshot shared by ACA Group.
SEC-registered investment advisors were among the ACA clients to be targeted in the phishing campaign, as well as a private equity firm and hedge fund.
“What was common amongst them, at least the ones I saw because I went back and looked up ADV filings for the various firms, is they were all on the smaller side with $1 billion or less in RAUM and roughly 10 or less employees,” Aaron Pinnick, senior manager of thought leadership at ACA Group, told InvestmentNews. “That's not necessarily a representative sample of who received it, just who forward those messages to us.”
The SEC is now asking recipients of the fraudulent email to not respond and to file a complaint to the SEC’s Office of Inspector General. In a statement to InvestmentNews, an SEC spokesperson said the agency’s Office of Information Technology notified the SEC’s Division of Examinations’ Cybersecurity Program Office of the phishing campaign, and that division is now in contact with FINRA’s Cyber Unit.
“The SEC’s Office of Information Technology (OIT) is aware of an active phishing campaign involving fraudulent emails that claim to be from agency Chief Information Officer David Bottom and appear to target SEC registrants,” an SEC spokesperson said in a statement. “The messages ask the recipients to reply and confirm their email address to enable future communication. This is commonly known as “pretexting,” a social engineering technique where scammers devise a legitimate scenario and/or use an authoritative figure to gain trust and persuade recipients to divulge sensitive information.”
An SEC Investor Alert was previously issued in 2021 that details how to detect phone calls, voicemails, emails, and letters that impersonate the regulator. Pinnick explained the initial fraudulent emails impersonating Bottom “isn't really that dangerous,” but warns that responding to the email could lead to more nefarious exposure.
“What we would expect were to happen would be after you validated your email address with the supposed CIO of the SEC, which obviously wasn't that individual, but after you validated that you would receive some sort of secure file transfer link, download attachment, etc, which, when you interact with that you would get either redirected to a malicious website, download malware or ransomware or some form of malicious code,” said Pinnick.
Since Vis Raghavan took over the reins last year, several have jumped ship.
Chasing productivity is one thing, but when you're cutting corners, missing details, and making mistakes, it's time to take a step back.
It is not clear how many employees will be affected, but none of the private partnership's 20,000 financial advisors will see their jobs at risk.
The historic summer sitting saw a roughly two-thirds pass rate, with most CFP hopefuls falling in the under-40 age group.
"The greed and deception of this Ponzi scheme has resulted in the same way they have throughout history," said Daniel Brubaker, U.S. Postal Inspection Service inspector in charge.
Stan Gregor, Chairman & CEO of Summit Financial Holdings, explores how RIAs can meet growing demand for family office-style services among mass affluent clients through tax-first planning, technology, and collaboration—positioning firms for long-term success
Chris Vizzi, Co-Founder & Partner of South Coast Investment Advisors, LLC, shares how 2025 estate tax changes—$13.99M per person—offer more than tax savings. Learn how to pass on purpose, values, and vision to unite generations and give wealth lasting meaning
