ALERT: Phishing attack posing as FINRA survey

WHAT HAPPENED?

The Office of Compliance Inspections and Examinations of the U.S. Securities and Exchange Commission (OCIE) was recently made aware of a phishing attempt which could affect broker-dealers, investment advisers, and investment companies.

The attack came from bad actors, purporting to be the Financial Industry Regulatory Authority (FINRA) asking firms to complete a survey. These emails have come from the domain “regulation-finra.org” and are preceded by “info” plus a number, like “info2@regulation-finra.org.”

Any emails coming from a regulator or vendor asking for sensitive information, including usernames and passwords, or make unsolicited requests for action, like taking a survey, could be malicious phishing attempts.

WHAT DOES THIS MEAN FOR ME?

If you receive a suspicious email, like the above:

  • Do not click any links or respond to the email and
  • Promptly report the incident to the appropriate person in your organization.

Always verify the sender of suspicious emails by contacting the sender through a known email address or by calling a trusted phone number, not by using information included in the questionable email. Fairview is available to answer questions about cybersecurity issues and how to secure your network in case of a successful data breach. Reach out to us with any questions.

About the Author:

Fairview®
Founded in 2005 with the goal of developing streamlined solutions for investment advisers, Fairview® is now servicing investment advisers, foundations, and funds with nearly $300 billion in collective assets.