FINRA warns of a phishing campaign aimed at stealing passwords from Microsoft Office or SharePoint leaders.
The US Financial Industry Regulatory Authority (FINRA) has issued a rare cyber security alert today warning member organizations of a “widespread, ongoing phishing campaign.”
FINRA said the malicious emails were aimed at stealing passwords from its member organizations from Microsoft Office and SharePoint.
FINRA, a private sector group that operates as a self-regulatory body for brokerage firms and exchange markets, said the campaign is still ongoing.
According to the security warning, phishing emails were sent using the “@broker-finra.org” domain and made look like they were sent by Bill Wollman and Josh Drobnyk, two of FINRA’s vice presidents.
FINRA reported that the phishing emails contained an attached PDF file containing a link redirecting users to the website asking members to enter their respective Microsoft Office or SharePoint passwords.
“FINRA advises that someone who has entered their password update it immediately and inform the correct individuals in their firm of the incident,” said Dave Kelley, FINRA Director of Member Supervision Specialist Programs.
Kelley also warned that several emails originating from the broker-finra.org domain used a second, more stealthy tactics.
“In at least some situations, emails do not necessarily contain the attachment,” Kelley said. “They could be trying to gain the trust of the recipient so that a follow-up email can be sent with an infected attachment or connection, or a request for confidential firm information.”
If the attackers were successful in their attacks, they would have access to the Office accouns belonging to some of the most influential brokerage players on the New York Stock Exchange.
According to its website, FINRA says that it manages the regular activities of more than 634,000 registered brokers.
🚨🚨🚨Phishing scam alert!
If you”ve received an email from FINRA, specifically Josh Drobnyk, do not open it is a confirmed phishing scam targeting financial advisors.
I just got off the phone with FINRA and they are aware of the scam.
Please RT to help spread the word.
— Benjamin Brandt (@RetireMeASAP) May 4, 2020