FINRA Warns of Targeted Phishing Attacks
Posted by: GuidePoint Security
The US Financial Industry Regulatory Authority (FINRA), the agency that oversees the security industry, is warning the 600K+ brokerage firms it supervises of an active phishing attack appearing to come from ‘FINRA Support’. The fraudulent emails have a subject header of ‘Policy Update’ and request the recipient pay attention to the attached report. Notably, the emails do not seem to contain an attachment, which may be an attempt by the threat actors to get recipients to reply to the email to enable further fraudulent engagement. FINRA has requested the Internet domain registrar to suspend the account used to deliver the emails—‘westour.org.’ FINRA is also advising brokerage firms to delete any emails received from this email address.
Next Steps
In addition to using social engineering to steal credentials and financial information, phishing attacks may also deliver malware. Businesses are encouraged to use anti-phishing services and email security technology to protect their employees and data from attack.
Check out our other blog posts from this past week.
GuidePoint Security