Security News > 2021 > March > Ongoing phishing attacks target US brokers with fake FINRA audits
The US Financial Industry Regulatory Authority has issued a regulatory notice warning US brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information.
The domain used in these ongoing phishing attacks was registered just two days ago, on March 3rd, using the NameCheap domain name registrar.
While FINRA rarely issues such regulatory notices, the regulator has published four of them last year, with two of them informing of phishing attacks targeting brokers' information.
One of them, reported during December 2020, warned brokers of similar phishing attacks using another domain that spoofed a legitimate FINRA website.
In October, another notice alerted member firms of widespread phishing attacks using surveys to harvest sensitive information.
Org with a fake registration form for collecting personal info later to be used in spear-phishing attacks directed at FINRA members.
News URL
Related news
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- Healthcare attacks spread beyond US – just ask India's Star Health (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Phishing scams and malicious domains take center stage as the US election approaches (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)