Heimdal

The Financial Industry Regulatory Authority (FINRA), the largest independent regulator of securities firms doing business in the United States, has warned brokerage firms about a phishing campaign that threatens recipients with penalties unless they hand over the information the attackers ask for.

FINRA is a private American corporation that acts as a self-regulatory organization (SRO), overseeing member brokerage firms and exchange markets. As of December 2019, it supervised 3,517 brokerage firms, 153,907 branch offices, and approximately 624,674 registered securities representatives.

In a regulatory notice published at the beginning of the week, the organization stated:

FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails purporting to be from FINRA and using the domain name @gateway-finra.org.

FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.


The fraudulent emails ask recipients to supply additional details in order to confirm their firm's name.

Recipients are also threatened with penalties if they fail to submit the requested information on time, a pressure tactic meant to rush them into replying before they check whether the email is genuine.

Penalty threats phishing email sample (FINRA)


The gateway-finra[.]org domain used in this ongoing campaign was registered on June 7 through the domain registrar Hosting Concepts B.V.

Before issuing the warning, the regulator asked the registrar to suspend the domain because of its continued use in active phishing attacks. Nevertheless, the domain is still live and currently redirects to the official FINRA website. A redirect to the genuine site does not make the sending domain legitimate; it only makes a phishing email look more credible to anyone who checks the link by clicking it.

Since the domain is not affiliated with the regulator, member firms are urged to delete any messages received from it as quickly as possible.

While the non-profit organization seldom publishes such regulatory notices, it has issued several since 2020, two of which warned of phishing campaigns targeting brokers' information.

The most recent of those, issued in March, notified U.S. brokers of an ongoing phishing campaign that used fake compliance audit notices to steal confidential data.

Another, issued in December 2020, warned brokers of similar phishing attacks using a different lookalike domain, invest-finra[.]org, impersonating a legitimate FINRA website.
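Both FINRA notices describe the same pattern: a registrable domain that embeds the regulator's name (gateway-finra[.]org, invest-finra[.]org) but is not finra.org. The following Python script is an added example, not code from the article or from FINRA, showing how a mail-gateway or SOC triage rule can classify a sender by that pattern. It assumes finra.org (and its subdomains) is the only legitimate sending domain, which is an assumption you must replace with your own allow-list; the sample messages are constructed, and the finra-notices.example and example.net domains in them are placeholders, not real attacker infrastructure.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Lookalike domains that FINRA's notices identified as impersonating it
# (both are named in the article above).
KNOWN_IMPERSONATION_DOMAINS = {"gateway-finra.org", "invest-finra.org"}

# Assumption: finra.org (and its subdomains) is the regulator's only legitimate
# sending domain. Replace with your own allow-list before using this in a gateway rule.
LEGITIMATE_DOMAINS = {"finra.org"}

BRAND = "finra"


def sender_parts(raw_message):
    """Return (display_name, domain) from the From: header of an RFC 5322 message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[1].lower().strip(".") if "@" in addr else ""
    return name, domain


def classify_sender(display_name, domain):
    """Classify a sender by how its domain and display name relate to the brand."""
    if not domain:
        return "no-sender"
    if domain in LEGITIMATE_DOMAINS or any(
        domain.endswith("." + d) for d in LEGITIMATE_DOMAINS
    ):
        return "legitimate"
    if domain in KNOWN_IMPERSONATION_DOMAINS:
        return "known-impersonation"
    # A domain that merely contains the brand string (gateway-finra, finra-notices, ...)
    # is the pattern both FINRA notices describe; flag it for review, never auto-trust it.
    if re.search(BRAND, domain):
        return "suspected-lookalike"
    # Display name claims the brand but the address is somewhere else entirely:
    # the cheapest impersonation, and the part most mail clients show first.
    if BRAND in display_name.lower():
        return "display-name-spoof"
    return "unrelated"


def triage(raw_message):
    """Return (sender_domain, verdict) for one raw message."""
    name, domain = sender_parts(raw_message)
    return domain, classify_sender(name, domain)


# Constructed sample messages for a stand-alone run (not real mail; the
# finra-notices.example and example.net domains are placeholders).
SAMPLE_MESSAGES = [
    "From: FINRA Compliance <notices@gateway-finra.org>\nSubject: Action required\n\n...",
    "From: FINRA <support@mail.finra.org>\nSubject: Regulatory Notice\n\n...",
    "From: FINRA Notices <alerts@finra-notices.example>\nSubject: Penalty\n\n...",
    "From: FINRA Membership <admin@example.net>\nSubject: Confirm firm name\n\n...",
    "From: Vendor <billing@example.net>\nSubject: Invoice\n\n...",
]

if __name__ == "__main__":
    for raw in SAMPLE_MESSAGES:
        domain, verdict = triage(raw)
        print(f"{domain:28} {verdict}")
```

The verdicts are deliberately graded: a known impersonation domain can be blocked outright, while a suspected lookalike or a display-name spoof should be quarantined for review, since the brand-substring heuristic will also catch legitimate third parties whose domain happens to contain the string. Note that this checks only the From: header; a full gateway rule would also look at SPF/DKIM results and the Return-Path, which this example does not cover.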

FINRA reminds firms to verify the legitimacy of any suspicious email before responding to it, opening any attachments, or clicking any embedded links.

For further information, companies should review the resources provided on FINRA’s Cybersecurity Topic Page, including the Phishing section of their Report on Cybersecurity Practices – 2018.

Author Profile

Antonia Din

PR & Video Content Manager


As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.
