Cybersecurity Alert - April 25, 2022
This email is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the domain name “@claims-finra.org.” The domain of “claims-finra.org” is not connected to FINRA and firms should delete all emails originating from this domain name.
The email states:
Please find the attached Deficiency letter. This notice is from the FINRA risk analysis department following a directive from SEC. As instructed in the letter, I will keep this request open until Wednesday 04/27/22.
Please note that you are required to submit a response to this request by replying to this email.
Principal Risk Monitoring Analyst
FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.
FINRA has requested that the Internet domain registrar suspend services for "claims-finra.org."
Questions regarding this alert should be directed to: