Security News > 2021 > August > US brokers warned of ongoing phishing attacks impersonating FINRA
The US Financial Industry Regulatory Authority warns US brokerage firms and brokers of an ongoing phishing campaign impersonating FINRA officials and asking them to hand over sensitive information under the threat of penalties.
In a notice issued on Friday, the US financial industry regulator said that the phishing messages are being sent from multiple domains impersonating FINRA official sites.
The domains used in these ongoing phishing attacks were registered on Thursday, August 12, using the services of the Hosting Concepts B.V. and NameCheap registrars.
Before issuing the alert, FINRA asked the Internet domain registrar to suspend services for the malicious domains due to their use in active phishing attacks.
According to the US financial market regulator, none of the domain names used to deliver phishing messages are connected to FINRA. Organizations receiving phishing emails originating from these domain names are advised to delete them immediately.
Another alert, issued in March, alerted US brokers of a phishing campaign using fake compliance audit alerts to harvest brokers' information.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- iOS devices face twice the phishing attacks of Android (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)
- Low-tech phishing attacks are gaining ground (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks (source)