FINRA Warns Of Widespread Financial Fraud, Phishing Scams Taking Advantage of COVID-19 Pandemic

A new alert issued to financial brokers and dealers warns about widespread scams, in which fake emails supposedly sent by financial regulators could allow computers to be hacked.

The Financial Industry Regulatory Authority (FINRA) issued a Cybersecurity Regulatory Notice on May 4, advising financial firms to be vigilant in screening emails received from the agency, as hackers are attempting to exploit financial firm employees working remotely on unsecure devices during the COVID-19 pandemic.

According to the warning, hackers seek to exploit financial firms with deceptive emails that encourage immediate responses or require users to enter their passwords to gain access to the fake notices.

Did You Know?

Ticketmaster Data Breach Impacts Millions of Customers

A massive Ticketmaster data breach exposed the names, addresses, phone numbers, credit card numbers and other personal information of more than 560 million customers, which have now been released on the dark web. Lawsuits are being pursued to obtain financial compensation.

Learn More

FINRA has reviewed several reports where financial firms have received emails with the source domain name “@broker-finra.org”, requesting immediate attention to an attachment relating to the firm. The domain name will appear legitimate, but will have slight spelling variations to deceive recipients not diligently reviewing the sender’s email address.

When the attachments or embedded links within the emails are opened the user may be prompted to enter their Microsoft or SharePoint passwords, which could allow a hacker to gain leverage on business, personal and sensitive financial information.

Some reports indicate no attachments or links were included in some of the phishing emails, which are believed to have been sent in an attempt to gain the recipients trust so that continued follow up correspondence with confidential information could be shared.

FINRA warns the emails appear legitimate, and may even contain the names of actual FINRA officers. To date, the agency has identified fraudulent emails purported to be from FINRA officers Bill Wollman and Josh Drobnyk.

The notices strongly encourage anyone who has received an email from the @broker-finra.org source domain, or from any other sender not verified by FINRA, to not open it and have the firm report the event to FINRA, the Securities and Exchange Commission or the Federal Bureau of Investigation.

Those who have launched the embedded links or opened attachments and entered their passwords should change them immediately and notify the appropriate individuals in their firm of the incident.

Among other scams firms are being advised to look out for are fraudulent account openings and money transfers, IT Help Desk scams, and similarly fraudulent emails sent firm-to-firm.

The financial industry is being reminded that during the continued stay-at-home orders and encouraged telework, employees should remain vigilant in verifying the legitimacy of suspicious emails prior to responding to them, opening attachments or clicking on links.

FINRA announced they have assembled a fraud task force to specifically handle these fraudulent events. Additional information and resources on how to prevent and handle scams can be found on FINRA’s Cybersecurity Topic Page.

0 Comments

Share Your Comments

I authorize the above comments be posted on this page*

Want your comments reviewed by a lawyer?

To have an attorney review your comments and contact you about a potential case, provide your contact information below. This will not be published.

NOTE: Providing information for review by an attorney does not form an attorney-client relationship.

This field is for validation purposes and should be left unchanged.

More Top Stories

Ozempic MDL Court To Evaluate Need for Gastroparesis Diagnostic Testing in GLP-1 Lawsuits
Ozempic MDL Court To Evaluate Need for Gastroparesis Diagnostic Testing in GLP-1 Lawsuits (Posted yesterday)

A federal judge has agreed to divide lawsuits over gastroparesis injuries linked to drugs like Ozempic and Mounjaro into multiple phases, examining how the condition is diagnosed and whether plaintiffs' claims are preempted by federal laws.

Adult Woman Files Similac Lawsuit Over NEC Injuries Experienced as a Newborn
Adult Woman Files Similac Lawsuit Over NEC Injuries Experienced as a Newborn (Posted 2 days ago)

Lawsuit alleges that Abbott Laboratories failed to provide families and the medical community with adequate warnings about the risks associated with it’s cow’s milk-based Similac formula, which a now adult woman indicates has left her with life-long NEC injuries.

Amended Lawsuit Over BioZorb Implant Side Effects Outlines Problems Caused By Tissue Marker Design Defects
Amended Lawsuit Over BioZorb Implant Side Effects Outlines Problems Caused By Tissue Marker Design Defects (Posted 3 days ago)

Six breast cancer patients have asked a federal judge for permission to amend a complaint filed in March 2024, which describes problems linked to the device and painful side effects experienced when the tissue marker migrated out of position or shattered inside their bodies.