Security News > 2021 > March > Ongoing phishing attacks target US brokers with fake FINRA audits
The US Financial Industry Regulatory Authority has issued a regulatory notice warning US brokerage firms and brokers of an ongoing phishing campaign using fake compliance audit alerts to harvest information.
The domain used in these ongoing phishing attacks was registered just two days ago, on March 3rd, using the NameCheap domain name registrar.
While FINRA rarely issues such regulatory notices, the regulator has published four of them last year, with two of them informing of phishing attacks targeting brokers' information.
One of them, reported during December 2020, warned brokers of similar phishing attacks using another domain that spoofed a legitimate FINRA website.
In October, another notice alerted member firms of widespread phishing attacks using surveys to harvest sensitive information.
Org with a fake registration form for collecting personal info later to be used in spear-phishing attacks directed at FINRA members.
News URL
Related news
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice (source)
- TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer (source)
- FBI warns of massive wave of road toll SMS phishing attacks (source)
- FIN7 targets American automaker’s IT staff in phishing attacks (source)
- AI set to play key role in future phishing attacks (source)
- LA County Health Services: Patients' data exposed in phishing attack (source)
- LA County Health Services: Patients' data exposed in phishing attack (source)