FINRA Warns of Additional Fake Emails

Publish Date

Type

Cyber Alert

Topics
  • Cybersecurity
  1. Insights
  2. FINRA Warns of Additional Fake Emails

The Financial Industry Regulatory Authority (FINRA) has issued an alert warning of reported additional phishing attempts using fake FINRA credentials. Per the notice, an ongoing email phishing campaign has been reported, in which the fake FINRA domain name of "gateway-finra[dot]org" is being used. 

The phishing emails request that recipients click a “view request” link, and subsequently submit information to “complete” the request. The email threatens penalties for not submitting information. 

FINRA reiterates that gateway-finra[dot]org is not associated with the regulatory authority. It has requested from the internet domain registrar that that domain be suspended. It advises that recipients refrain from clicking any links in the emails, refrain from opening any attachments in the emails, and ideally immediately delete any emails from the fraudulent address.

ACA guidance

The FINRA notice follows a similar notice from the regulatory authority of a phishing campaign using another fake domain, supports @ finra-online[dot]com, alerted on by ACA Aponix on March 5, 2021. The similarity of these campaigns indicates the proliferation of phishing attempts that are circulating, the likely effectiveness of those campaigns, and the increased need for vigilance and training in this regard.

ACA Aponix recommends that FINRA-regulated firms, and all firms in general:

  • Be on the lookout for emails with from source of gateway-finra[dot]org. Note that the gateway- finra[dot]org is not associated with FINRA, and indicates a fraudulent phishing campaign.
  • Immediately delete all emails from gateway-finra[dot]org.
  • Alert all staff regarding this phishing campaign.
  • Block the gateway-finra[dot]org domain and URL on the company spam filter.
  • Immediately change the password for any user that did fall for the phishing campaign and submitted their login credentials.
  • Enable multi-factor authentication (MFA) if not already enabled.
  • Remind staff to generally inspect hyperlinks and domain names to verify that they are from a trusted source.
  • Enhance training efforts toward recognizing and preventing phishing attempts and related criminal activity.

How we help

ACA Aponix offers the following solutions that can help your firm protect itself in relation to this and similar social engineering efforts, and to enhance its cybersecurity in general: 

Download our Aponix Protect™ cybersecurity solution brochure.

If you have any questions, please contact your ACA Aponix consultant or contact us.
 

Related insights

cyber lock

Critical Vulnerability Detected in Palo Alto Networks' GlobalProtect Gateways

A popular firewall used in the financial industry is under attack due to a critital zero-day vulnerability. Firms that use Palo Alto Networks' firewall need to update their software to protect their systems.

Cyber Alert
  • Cybersecurity
abstract image with a lock and shield

Two Important Cybersecurity Alerts from CISA

The Cybersecurity and Infrastructure Security Agency (CISA) issued two advisories that require impacted firms to take immediate action.

Cyber Alert
  • Cybersecurity
lock

Cybersecurity Benchmarking Survey Lists Top Concerns and Preparedness Among Respondents

Our annual survey in partnership with NSCP reveals that investment firms overlook AI as a cybersecurity risk and remain wary about SEC cybersecurity enforcement and compliance with new rules

Press Release
  • Cybersecurity
  • Cybersecurity Resources
  • ACA News