Advisors targeted in 'pretexting' phishing scam impersonating SEC

Advisors targeted in 'pretexting' phishing scam impersonating SEC
Aaron Pinnick, senior manager of thought leadership at ACA Group.
Financial services compliance consultant ACA Group told InvestmentNews it had four clients report receiving emails that impersonated David Bottom, the SEC's chief information officer, with smaller firms being targeted.
JUN 27, 2025

RIAs and other financial service firms have been targeted in a phishing campaign of fraudulent emails claiming to be from David Bottom, chief information officer for the Securities and Exchange Commision (SEC). Compliance consultancy ACA Group told InvesmentNews that four of its clients reported receiving the emails since Monday, June 23, and all recipients were compliance executives at financial firms.

ACA Group shared a copy of the emails, which include the SEC’s Washington, D.C., headquarters in its signature alongside Bottom’s name and title. The sender’s email address is listed as “[email protected][.]com” which ACA Group says is commonly used in phishing attacks. The emails ask advisors to reply and confirm their email addresses, according to a screenshot shared by ACA Group.

SEC-registered investment advisors were among the ACA clients to be targeted in the phishing campaign, as well as a private equity firm and hedge fund.

“What was common amongst them, at least the ones I saw because I went back and looked up ADV filings for the various firms, is they were all on the smaller side with $1 billion or less in RAUM and roughly 10 or less employees,” Aaron Pinnick, senior manager of thought leadership at ACA Group, told InvestmentNews. “That's not necessarily a representative sample of who received it, just who forward those messages to us.”

The SEC is now asking recipients of the fraudulent email to not respond and to file a complaint to the SEC’s Office of Inspector General. In a statement to InvestmentNews, an SEC spokesperson said the agency’s Office of Information Technology notified the SEC’s Division of Examinations’ Cybersecurity Program Office of the phishing campaign, and that division is now in contact with FINRA’s Cyber Unit.

“The SEC’s Office of Information Technology (OIT) is aware of an active phishing campaign involving fraudulent emails that claim to be from agency Chief Information Officer David Bottom and appear to target SEC registrants,” an SEC spokesperson said in a statement. “The messages ask the recipients to reply and confirm their email address to enable future communication. This is commonly known as “pretexting,” a social engineering technique where scammers devise a legitimate scenario and/or use an authoritative figure to gain trust and persuade recipients to divulge sensitive information.” 

An SEC Investor Alert was previously issued in 2021 that details how to detect phone calls, voicemails, emails, and letters that impersonate the regulator. Pinnick explained the initial fraudulent emails impersonating Bottom “isn't really that dangerous,” but warns that responding to the email could lead to more nefarious exposure. 

“What we would expect were to happen would be after you validated your email address with the supposed CIO of the SEC, which obviously wasn't that individual, but after you validated that you would receive some sort of secure file transfer link, download attachment, etc, which, when you interact with that you would get either redirected to a malicious website, download malware or ransomware or some form of malicious code,” said Pinnick.

Latest News

Texas man says SEC and fund could make him pay twice
Texas man says SEC and fund could make him pay twice

A $141M judgment and a federal asset freeze collide over one shrinking pool

Osaic executives Kristy Britt and Greg Cornick to leave
Osaic executives Kristy Britt and Greg Cornick to leave

The firm's CFO and EVP of Wealth Management Solutions are the latest executives to exit the broker-dealer.

Estate planning becomes a client retention issue for financial advisors, survey finds
Estate planning becomes a client retention issue for financial advisors, survey finds

Clients are saying they would consider switching advisors if another professional offered estate planning services, according to a new Trust & Will survey.

Candidly adds AI agents for Trump Accounts, workplace benefits
Candidly adds AI agents for Trump Accounts, workplace benefits

CEO Laurel Taylor says the fintech's composable AI stack helps workers optimize dollars across Trump Accounts, 529s, 401(k)s, and other employee benefits.

BMO adds three advisors in Dallas amid Y'all Street wealth boom
BMO adds three advisors in Dallas amid Y'all Street wealth boom

The bank has swiped three private banking veterans from BNY as the city climbs the ranks of America's fastest-growing wealth hubs.

SPONSORED Who builds the income when the pension disappears?

Dan Biagini of American Equity says the steady decline of pensions, longer lifespans and a reset in interest rates are rewriting how advisors build retirement income

SPONSORED Why direct indexing stopped being optional

Direct indexing is on pace to outgrow ETFs and mutual funds. Northern Trust's Ken Lassner explains why the advisors who get it wish they had started sooner.