New Phishing Campaign Impersonating US Financial Industry Regulator FINRA

New Phishing Campaign Impersonating US Financial Industry Regulator FINRA

FINRA warns organizations about phishing emails in which attackers use a Finra-related domain name.

FINRA is alerting that a phishing scam involves bogus emails posing as FINRA and using the domain name “”

FINRA is a not-for-profit organization that oversees U.S. broker-dealers. It is authorized by Congress to protect US investors by making sure the broker-dealer industry operates fairly.

The email instructs the recipient to visit a link to “view request” and “complete” the request, warning that late submission may result in penalties.

The victims who click the link will see a phishing page that steals login credentials. Once stolen, this information can lead to further attacks, impersonation, and other threats.

The domain “” is unrelated to FINRA, and firms should disregard any communications sent from this address. FINRA requested the Internet domain registrant managing the “” domain to shut it down.

FINRA urges all firms to double-check the legitimacy of any suspicious email before responding, opening any attachments, or clicking on any embedded links.

In addition, firms should check the tools available on FINRA’s Cybersecurity page for more information on Topic Page, including the Phishing section of FINRA’s Report on Cybersecurity Practices – 2018.

Anyone who clicked on any link or image in the email should immediately tell the proper individuals in their firm, according to FINRA. The points of contact are:

  • Dave Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email; or
  • Greg Markovich, Senior Principal Risk Specialist, Member Supervision Specialist Programs, at (312) 899-4604 or by email.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.