FINRA Alerts Firms to Phishing Email Using “finra-online.com” Domain Name
FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails (see sample in Appendix) purporting to be from “FINRA Membership” and using the email address “[email protected]”. The email asks the recipient to respond to an issue of “regulatory non-compliance for which your immediate response is required” and then asks the recipient to click on a link or document.
FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
The domain of “finra-online.com” is not connected to FINRA and firms should delete all emails originating from this domain name.
FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.
FINRA has requested that the Internet domain registrar suspend services for "finra-online.com".
For more information, firms should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of our Report on Cybersecurity Practices -2018.
Questions regarding this Notice should be directed to:
- Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email; or
- Greg Markovich, Senior Principal Risk Specialist, Member Supervision Specialist Programs, at (312) 899-4604 or by email.
From: FINRA Membership <[email protected]>
Date: March 4, 2021 at 10:32:14 AM CST
Subject: ATTN: FINRA COMPLIANCE AUDIT
Please find the following attached report from FINRA on regulatory non-compliance for which your immediate response is required.
As part of a disclosure review process, we require this background report be completed.
Review the enclosed document in respect to our compliance policy.
If you've got more questions regarding this letter don't hesistate [sic] to contact us.
Financial Industry Regulatory Authority
Phone Number : +1 786 292 XXXX