Fake Regulatory Emails Received from "IFMR"

Multiple firms have reported receiving emails from an organization posing as the International Fund Manager Regulator (IFMR). The organization claims to be an independent global regulatory authority. The emails demand that recipients provide credentials and register with them or face blacklisting.

These emails have been determined to be fake. There is no legitimate international global regulatory authority for fund managers. While well-crafted, the email includes language that no regulator would include, and response timelines unheard of in regulatory circles. This email is a phishing attempt.

ACA guidance

• Delete all emails from IFMR immediately 
• Block the ifmregulator.com domain  
• Alert staff regarding this phishing attempt 
• Encourage staff to report if they have clicked or submitted credentials (and follow appropriate phishing response procedures accordingly)

How we help

ACA Aponix^® offers solutions that can help firms prevent succumbing to phishing attacks such as this, and enhance their cybersecurity in general.

• Threat intelligence, phishing testing and monitoring
• Operational resilience and governance
• Risk assessments and regulatory compliance testing services

Download our Aponix Protect™ cybersecurity solution brochure.

If you have any questions, please contact your ACA Aponix consultant or contact us.