US financial regulatory body warns its members of ongoing phishing campaign


The US Financial Industry Regulatory Authority (FINRA) has issued a notice on its website warning of fraudulent phishing emails that claim to come from the organization itself.

In the alert to members posted on its notices page, FINRA explains that there is a widespread, ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA officers, including vice presidents Bill Wollman and Josh Drobnyk.

Members are warned that the suspect emails come from the source domain ‘@broker-finra.org’ and request immediate attention to an attachment relating to the recipient's firm. As a result, FINRA has urged members to change their passwords and also notify relevant staff members about the attacks.

Ongoing threat

FINRA has explained that the malicious emails have been targeting Microsoft Office and SharePoint account passwords. The emails often, but not always, include an attached PDF file that contains a link to a website where members are asked to enter their passwords.

The notice on the FINRA website also underlines the need to remain vigilant. It states: ‘The domain of “broker-finra.org” is not connected to FINRA and firms should delete all emails originating from this domain name. In addition, FINRA has requested that the Internet domain registrar suspend services for "broker-finra.org".’
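One way a mail team could triage inbound messages against the sender domain named in the notice, shown as an added example that is not part of the FINRA notice or the original article. It assumes finra.org is FINRA's legitimate mail domain; the sample messages and every address in them are constructed.

```python
from email import message_from_string
from email.utils import parseaddr

BLOCKED_DOMAINS = {"broker-finra.org"}  # domain named in the FINRA notice
LEGIT_DOMAIN = "finra.org"              # assumption: FINRA's own mail domain
BRAND = "finra"

def _in_zone(domain, zone):
    """True if domain is the zone itself or a subdomain of it."""
    return domain == zone or domain.endswith("." + zone)

def classify(raw_message):
    """Triage one RFC 5322 message by its From header.

    Returns 'block', 'suspect' or 'ok'. The From header is forgeable, so
    'ok' only means "no lookalike seen", not "authenticated".
    """
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    _, at, domain = addr.rpartition("@")
    domain = domain.lower().rstrip(".") if at else ""
    if not domain:
        return "suspect"                 # missing or unparsable sender
    if any(_in_zone(domain, d) for d in BLOCKED_DOMAINS):
        return "block"                   # notice: delete all mail from it
    if _in_zone(domain, LEGIT_DOMAIN):
        return "ok"
    # Brand name in a foreign domain or in the display name is suspicious.
    if BRAND in domain or BRAND in display.lower():
        return "suspect"
    return "ok"

# Constructed sample messages (headers only); all addresses are made up.
SAMPLES = {
    "notice_domain": 'From: "FINRA Notice" <notice@broker-finra.org>\n\n',
    "subdomain": "From: Desk <desk@mail.broker-finra.org>\n\n",
    "other_lookalike": "From: Compliance <alerts@finra-broker.example>\n\n",
    "display_name": 'From: "FINRA Member Supervision" <info@mail.example>\n\n',
    "legit": "From: Updates <updates@finra.org>\n\n",
    "unrelated": "From: Sales <sales@vendor.example>\n\n",
    "no_from": "Subject: Attention required\n\n",
}

def triage(samples=SAMPLES):
    return {name: classify(raw) for name, raw in samples.items()}

if __name__ == "__main__":
    for name, verdict in triage().items():
        print(f"{name:16} {verdict}")
```

Because this inspects only the From header, it complements SPF, DKIM and DMARC checks at the gateway and does not replace them.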

"FINRA recommends that anyone who entered their password change it immediately and notify the appropriate individuals in their firm of the incident," Dave Kelley, FINRA Director of Member Supervision Specialist Programs, told ZDNet.

He also underlined that the attacks were using another, less obvious technique. "In at least some cases, the emails do not actually include the attachment," Kelley said. "They may be attempting to gain the recipient's trust so that a follow-up email can be sent with an infected attachment or link, or a request for confidential firm information."

FINRA is a not-for-profit organization working on behalf of brokerage firms and exchange markets. Any successful phishing attacks could result in criminals accessing the Office accounts of businesses that work at the heart of the New York Stock Exchange.

Rob Clymo

Rob Clymo has been a tech journalist for more years than he can actually remember, having started out in the wacky world of print magazines before discovering the power of the internet. Since he's been all-digital he has run the Innovation channel during a few years at Microsoft as well as turning out regular news, reviews, features and other content for the likes of TechRadar, TechRadar Pro, Tom's Guide, Fit&Well, Gizmodo, Shortlist, Automotive Interiors World, Automotive Testing Technology International, Future of Transportation and Electric & Hybrid Vehicle Technology International. In the rare moments he's not working he's usually out and about on one of numerous e-bikes in his collection.
