Cybersecurity Alert - Ongoing Phishing Campaign

This email is to warn member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the domain name “@filling-regfinra.com”. The domain of “filling-regfinra.com” is not connected to FINRA, and firms should delete all emails originating from this domain. Member firms should be aware that they may receive similar phishing emails from other domain names in addition to those identified in this Alert.

The email states:

Dear Name,

I hope all is well!

I will be your FINRA relationship manager going forward and would appreciate the opportunity to have to discuss how you work with Finra account management (reports, exams and fillings) and where FINRA fits into your practice.

As of now, my schedule is relatively tight and I need to confirm an appointment that works for you before the end of today. Please click the "book a meeting" link in my signature to select a date and time.

PS: I'm unable to respond to unscheduled calls and you may be required to authenticate your email account to confirm a booking.

I look forward to speaking soon!

Name

BOOK A MEETING

Regards,

Name
Principal Risk Monitoring Analyst
FINRA
Phone Number

FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links. FINRA has requested that the Internet domain registrar suspend services for "filling-regfinra.com"

For more information, firms should review the resources provided on FINRA’s Cybersecurity topic page, including the Phishing section of our Report on Cybersecurity Practices - 2018.

Questions regarding this alert should be directed to FINRA’s Cyber Analytics Unit (CAU) at [email protected].