Cybersecurity Alert - June 16, 2022
This email is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using either the domain name “@firms-finra.org” or “@firms-sipc.org”. Neither of these domains is connected to FINRA and firms should delete all emails originating from these domain names.
The email states:
I hope you are doing well.
We sent a secure email on a confidential FINRA notice a moment ago to your email (youremail.com) I'm just making you received the email (please check your junk or spam email to be sure)
Kindly follow the instructions in the notice and submit the required information on this case as soon as you can.
Member Assessments • Cases Team Lead
The Financial Industry Regulatory Authority
1700 K Street,
NW Washington, DC 20006
FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.
FINRA has requested that the Internet domain registrar suspend services for "firms-finra.org" and “firms-sipc.org”.
Questions regarding this alert should be directed to:
- Greg Markovich, Senior Principal Risk Specialist, Member Supervision Specialist Programs, at (312) 899-4604 or by email.