SCAM OF THE WEEK: Phony FINRA Phishing

Once again cybercriminals are impersonating the Financial Industry Regulatory Authority (FINRA), which is the largest brokerage regulation company in the US. Organizations strive to be compliant with regulations, which is why receiving an email that appears to be from FINRA can be quite startling.

In this FINRA-themed phishing email, the sender’s email address uses the domain gateway[dash]finra[dot]org. The email claims that your organization has received a compliance request and it directs you to click on a link for more information. To add a sense of urgency, the message also states “Late submission may attract penalties”. The email even includes a case number, request ID, and a footer with legal jargon to make it feel legitimate. But if you click the link, you will be redirected to a malicious website. Don’t fall for it!

Use the tips below to stay safe from similar attacks:

Look for threats of urgency, such as the need to pay a penalty if you don’t act quickly enough. These scams rely on impulsive actions, so always think before you click.
Check who sent the email. In this case, while the email address included the name FINRA, it did not use the official FINRA.org domain.
If you are worried that the email could be legitimate, reach out to the company another way. Do not click any links or use the contact information provided in an email.

Stop, Look, and Think. Don’t be fooled.
Executive IT Help Security Team
Office: 832-295-1411

SCAM OF THE WEEK: Phony FINRA Phishing

More Articles & Posts

Trump fires head of National Security Agency and Cyber Command

Hackers are hijacking WordPress sites to push Windows and Mac malware

Columbus says ransomware gang stole personal data of 500,000 Ohio residents