
The Financial Industry Regulatory Authority (FINRA) has issued an information notice to brokerage firms about an ongoing phishing attack that targets member firms with malicious spam e-mails.
FINRA is a not-for-profit organization which regulates exchange markets and member brokerage firms, and it is authorized by the US Congress to defend America’s investors by always ensuring that the broker-dealer industry functions equitably and honestly.
The phishing attack warning comes after a number of brokerage firms received suspicious-looking e-mails camouflaged to appear to come from a legitimate credit union.
FINRA's information notice says:
The email appears to be from a legitimate credit union attempting to notify the firm about potential money laundering involving a purported client of the firm. The email directs the recipient to open an attached document—which likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network.
To be more exact, the phishing e-mails come from a "purported BSA-AML compliance officer" of a seemingly legitimate Indiana-based credit union.
The contents of the message mention a money transaction made by one of the clients of the targeted brokerage firms to the credit union, a transfer allegedly put on hold because of money laundering concerns.
Additionally, as detailed in FINRA's alert, "The sender attempted to give some legitimacy to the email by including a reference to a provision of the USA Patriot Act that relates to the ability of financial institutions to share information with each other."
The phishing e-mail also comes with a number of other fraud red flags:
- an email address that appears to be from Europe, rather than the U.S.-based credit union
- numerous instances of poor grammar and sentence structure
- a request that the recipient open the email attachment for more details
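The red flags above can be turned into a first-pass mail triage check. The following is an added example, not code from FINRA or from the original article: the sample message is constructed, and the function name, flag labels and the short list of European country-code TLDs are assumptions made for illustration. Grammar quality is not checked.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed sample, not the real message; every name and domain is a placeholder.
SAMPLE = """\
From: "BSA-AML Compliance Officer, Example Credit Union" <compliance@example-cu.eu>
Subject: Transfer on hold - possible money laundering
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

A transfer from your client was put on hold under the USA Patriot Act.
Please open the attached document for more details.
--b1
Content-Type: application/msword
Content-Disposition: attachment; filename="details.doc"

AAAA
--b1--
"""

# Assumption: a short illustrative list of European ccTLDs, not an exhaustive one.
EUROPEAN_CCTLDS = {"eu", "de", "fr", "nl", "uk", "it", "es", "pl", "ro", "ch"}
# Lure wording taken from the article's description of the message.
LURE_TERMS = ("money laundering", "bsa-aml", "patriot act")

def red_flags(raw: str) -> list[str]:
    """Return the red flags from the notice that this message exhibits."""
    msg = email.message_from_string(raw, policy=policy.default)
    flags = []
    display, addr = parseaddr(str(msg["From"] or ""))
    tld = addr.rsplit(".", 1)[-1].lower() if "." in addr else ""
    # Flag 1: sender claims to be a credit union but mails from a European ccTLD.
    if "credit union" in display.lower() and tld in EUROPEAN_CCTLDS:
        flags.append("sender-domain-europe")
    body = msg.get_body(preferencelist=("plain",))
    text = (body.get_content() if body else "") + " " + str(msg["Subject"] or "")
    text = text.lower()
    # Flag 2: the message carries an attachment and the text pushes the reader to it.
    if list(msg.iter_attachments()) and "attach" in text:
        flags.append("asks-to-open-attachment")
    # Flag 3: anti-money-laundering / Patriot Act pretext used to add legitimacy.
    if any(term in text for term in LURE_TERMS):
        flags.append("aml-compliance-lure")
    return flags
```

A message that raises several flags at once is a candidate for quarantine and manual review; any single flag on its own is weak evidence.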
Threat actors use email phishing as an attack vector to trick their targets into performing actions that compromise them or into revealing confidential information.
By camouflaging their e-mails to look as if they come from trusted business partners, bad actors are able to make their messages look legitimate and deceive their targets into downloading attachments containing malware or clicking malicious links redirecting to malware-laden attachments.