The Financial Sector Regulatory Authority (FINRA) has warned of a new phishing campaign involving fraudulent emails using domain names claiming to be the financial regulator.
In a notice, the regulator said the fake emails used the bogus @ finrar-reporting.org, @ Finpro-finrar.org and @ gateway2-finra.org domains. The domains were registered on August 12, 2021.
He said those emails asked recipients to click on a link to “view request” and provide information to “complete” that request, noting that “late submission may result in penalties.”
The regulator that anyone who clicked on a link or image in the email should immediately notify the appropriate people in their company of the incident.
â€œNone of these domain names are connected to FINRA and companies should delete all emails from any of these domain names,â€ he said in the notice.
FINRA has also urged all companies receiving such messages to verify the legitimacy of any suspicious emails before responding, opening attachments, or clicking embedded links. He requested that the relevant Internet domain registrars suspend services for the three domain names.
“For more information, companies should consult the resources provided on FINRA’s Cyber â€‹â€‹Security Topic page, including the Phishing section of our Cyber â€‹â€‹Security Practices Report – 2018,” FINRA added.
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and compliance for email security
Earlier in June, FINRA issued another warning about a similar phishing campaign using the domain name “@ gateway-finra.org”. Like the current campaign, this one also asked recipients to click on a link to “view request” and provide information to “complete” that request, noting that “late submission may result in penalties.”
In March, the regulator published an advisory regarding a phishing campaign using â€œ@ finra-online.comâ€ as a fake domain name to surprise victims. He said at the time that this domain name was “not connected to FINRA and companies should delete all emails coming from this domain name.”
Finra isn’t the only regulator to be targeted by phishers recently, as the Cyprus Securities and Exchange Commission (CySEC) recently issued a warning regarding a fake website masquerading as them and hosted in India.
APEX Business Value
The Business Value of Dell Technologies APEX as-a-Service Solutions
How Upgraded Server and Storage Platforms Support Digital Transformation
New Dell EMC PowerStore Delivers Premium Enterprise Storage Features at an Average Price
The Complete Guide to the Cloud Economy
Improve decision making, avoid risk, reduce costs, and accelerate cloud adoption
Transform your network with advanced load balancing from VMware
How to Modernize Load Balancing to Enable Digital Transformation