Cybersecurity Alert - April 25, 2022

This email is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the domain name “@claims-finra.org.” The domain of “claims-finra.org” is not connected to FINRA and firms should delete all emails originating from this domain name.

The email states:

Dear Name,

Please find the attached Deficiency letter. This notice is from the FINRA risk analysis department following a directive from SEC. As instructed in the letter, I will keep this request open until Wednesday 04/27/22.

Please note that you are required to submit a response to this request by replying to this email.

Name
Principal Risk Monitoring Analyst

FINRA

FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.

FINRA has requested that the Internet domain registrar suspend services for "claims-finra.org."

For more information, firms should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of our Report on Cybersecurity Practices - 2018.

Questions regarding this alert should be directed to:

• Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email; or
• Greg Markovich, Senior Principal Risk Specialist, Member Supervision Specialist Programs, at (312) 899-4604 or by email.