Phishing Campaign Lurking Behind Fake FINRA Audit Notifications

Attackers often run effective phishing campaigns using common yet believable email templates that imitate government agencies.

What was found?

The U.S. Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice warning brokers of an ongoing phishing campaign leveraging fake email templates.

How is it working?

The phishing campaign has been using fake compliance audit alerts from FINRA to harvest information from U.S. brokerage firms and brokers.
  • The attackers are using finra-online[.]com, a recently registered web domain, to send phishing messages.
  • They used the "FINRA Membership" sender name and spoofed the legitimate FINRA website to lend credibility to the phishing messages.
  • The domain used in these ongoing phishing attacks was registered on March 3, using the NameCheap domain name registrar.

FINRA’s recent alerts

In the last few months, FINRA has issued several alerts for phishing campaigns that were using lookalike domains.

  • In December 2020, fraudulent emails with the domain @invest-finra[.]org were targeting U.S. brokers.
  • In October 2020, phishing campaigns were using fake FINRA surveys and the @regulation-finra[.]org domain to harvest information from brokerage firms.
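
All three campaigns put the brand name inside a domain that is not FINRA's own, and the latest one also used a FINRA display name. The following mail-filter check is an added example, not code from FINRA or the original article; it assumes finra.org is the only trusted sender domain, and the function names and sample headers are constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: finra.org is the only domain treated as genuine FINRA mail.
TRUSTED_DOMAINS = {"finra.org"}
BRAND = "finra"

# Constructed From: headers. The domains come from the article (kept
# defanged); local parts and the .example hosts are made up.
SAMPLES = [
    "FINRA Membership <membership@finra-online[.]com>",
    "alerts@invest-finra[.]org",
    "Survey Team <survey@regulation-finra[.]org>",
    "FINRA Membership <audit@mail.example>",
    "FINRA <notices@finra.org>",
    "Broker Ops <ops@brokerage.example>",
]

def refang(value):
    """Turn defanged notation (finra-online[.]com) back into a plain domain."""
    return value.replace("[.]", ".").replace("(.)", ".")

def sender_domain(from_header):
    """Return (display name, lowercase sender domain) from a From: value."""
    name, addr = parseaddr(refang(from_header))
    return name, addr.rpartition("@")[2].lower().rstrip(".")

def is_trusted(domain):
    """Exact match or true subdomain only, so notfinra.org does not pass."""
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)

def classify(from_header):
    """Label a sender as trusted, lookalike-domain, display-name-spoof or unrelated."""
    name, domain = sender_domain(from_header)
    if not domain:
        return "unparseable"
    if is_trusted(domain):
        return "trusted"
    if BRAND in domain:
        return "lookalike-domain"      # brand token in a foreign domain
    if BRAND in name.lower():
        return "display-name-spoof"    # brand only in the display name
    return "unrelated"

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify(header):20} {header}")
```

A substring match on the brand token does not catch homoglyph or misspelled variants, so it complements SPF, DKIM and DMARC checks rather than replacing them.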

Summing up

FINRA issued several regulatory notices in the last year, two of them warning about phishing attacks targeting brokers’ information. The regulator has recommended that brokers and brokerage firms remain cautious about such phishing attacks and follow security guidelines to avoid any risks.
