Skip to main content
Regulatory Notice 20-27

FINRA Alerts Firms to Use of Fake FINRA Domain Name

Published Date:

FINRA is warning member firms of a new imposter website www.finnra.org (please notice the extra “n” in the domain name).

One portion of the website contains a link to a registration site that is not legitimate (see images, below).

In addition, it is possible bad actors could leverage the domain to send fake emails including those with imbedded phishing links or attachments containing malware.

The domain of “finnra.org” is not connected to FINRA and firms should delete all emails originating from this domain name.

FINRA has requested that the Internet domain registrar suspend services for "finnra.org".

FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.

For more information, firms should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of our Report on Cybersecurity Practices -2018.

Questions regarding this Notice should be directed to Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email.

Attachment A – Screen Shots

FINRA Alerts Firms to Use of Fake FINRA Domain Name - Screenshot

FINRA Alerts Firms to Use of Fake FINRA Domain Name - Screenshot