Security News > 2021 > March > FINRA Warns of Ongoing Phishing Attacks Targeting Brokerage Firms
The Financial Industry Regulatory Authority has issued an alert to warn brokerage firms of a phishing campaign that is currently ongoing.
A not-for-profit organization, FINRA is U.S. government-authorized and overseen by the Securities and Exchange Commission.
"Please find the following attached report from FINRA on regulatory non-compliance for which your immediate response is required. As part of a disclosure review process, we require this background report be completed. Review the enclosed document in respect to our compliance policy," a version of the message, which FINRA has shared publicly, reads.
Individuals who received such emails and who might have clicked on a link or image in the email should immediately report the incident to the security team within their organization, FINRA recommends.
Targeted firms are reminded to check any suspicious emails they might receive and be wary of opening unsolicited attachments or clicking on any embedded link.
This is the second warning of this kind that FINRA issues, after a December 2020 alert that revealed details of a phishing attack abusing a lookalike domain to target brokerage firms.
News URL
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)