FINRA Warns Of Widespread Financial Fraud, Phishing Scams Taking Advantage of COVID-19 Pandemic

A new alert issued to financial brokers and dealers warns about widespread scams, in which fake emails supposedly sent by financial regulators could allow computers to be hacked.

The Financial Industry Regulatory Authority (FINRA) issued a Cybersecurity Regulatory Notice on May 4, advising financial firms to be vigilant in screening emails received from the agency, as hackers are attempting to exploit financial firm employees working remotely on unsecure devices during the COVID-19 pandemic.

According to the warning, hackers seek to exploit financial firms with deceptive emails that encourage immediate responses or require users to enter their passwords to gain access to the fake notices.

Hair-Dye-Cancer-Lawsuits
Hair-Dye-Cancer-Lawsuits

FINRA has reviewed several reports where financial firms have received emails with the source domain name “@broker-finra.org”, requesting immediate attention to an attachment relating to the firm. The domain name will appear legitimate, but will have slight spelling variations to deceive recipients not diligently reviewing the sender’s email address.

When the attachments or embedded links within the emails are opened the user may be prompted to enter their Microsoft or SharePoint passwords, which could allow a hacker to gain leverage on business, personal and sensitive financial information.

Some reports indicate no attachments or links were included in some of the phishing emails, which are believed to have been sent in an attempt to gain the recipients trust so that continued follow up correspondence with confidential information could be shared.

FINRA warns the emails appear legitimate, and may even contain the names of actual FINRA officers. To date, the agency has identified fraudulent emails purported to be from FINRA officers Bill Wollman and Josh Drobnyk.

The notices strongly encourage anyone who has received an email from the @broker-finra.org source domain, or from any other sender not verified by FINRA, to not open it and have the firm report the event to FINRA, the Securities and Exchange Commission or the Federal Bureau of Investigation.

Those who have launched the embedded links or opened attachments and entered their passwords should change them immediately and notify the appropriate individuals in their firm of the incident.

Among other scams firms are being advised to look out for are fraudulent account openings and money transfers, IT Help Desk scams, and similarly fraudulent emails sent firm-to-firm.

The financial industry is being reminded that during the continued stay-at-home orders and encouraged telework, employees should remain vigilant in verifying the legitimacy of suspicious emails prior to responding to them, opening attachments or clicking on links.

FINRA announced they have assembled a fraud task force to specifically handle these fraudulent events. Additional information and resources on how to prevent and handle scams can be found on FINRA’s Cybersecurity Topic Page.


0 Comments


Share Your Comments

This field is hidden when viewing the form
I authorize the above comments be posted on this page
Post Comment
Weekly Digest Opt-In

Want your comments reviewed by a lawyer?

To have an attorney review your comments and contact you about a potential case, provide your contact information below. This will not be published.

NOTE: Providing information for review by an attorney does not form an attorney-client relationship.

This field is for validation purposes and should be left unchanged.

MORE TOP STORIES

Women pursuing Depo-Provera meningioma lawsuits will have to provide documentary proof of their diagnosis and the versions of the birth control shot they received within 120 days of filing their case.
An Indiana woman has filed a Cartiva SCI implant lawsuit, indicating that the toe implant failed due to a defective design, resulting in the need for revision surgery and recommendations to permanently fuse her big toe.
Two California hair stylists filed separate lawsuits, indicating that repeated occupational exposure to toxic chemicals in hair coloring dyes caused them to develop bladder cancer.