US financial regulator warns of a massive phishing campaign

US financial industry

FINRA warns of a phishing campaign aimed at stealing passwords from Microsoft Office or SharePoint leaders.

The US Financial Industry Regulatory Authority (FINRA) has issued a rare cyber security alert today warning member organizations of a “widespread, ongoing phishing campaign.”

FINRA said the malicious emails were aimed at stealing passwords from its member organizations from Microsoft Office and SharePoint.

FINRA, a private sector group that operates as a self-regulatory body for brokerage firms and exchange markets, said the campaign is still ongoing.

According to the security warning, phishing emails were sent using the “@broker-finra.org” domain and made look like they were sent by Bill Wollman and Josh Drobnyk, two of FINRA’s vice presidents.

FINRA reported that the phishing emails contained an attached PDF file containing a link redirecting users to the website asking members to enter their respective Microsoft Office or SharePoint passwords.

FINRA advises that someone who has entered their password update it immediately and inform the correct individuals in their firm of the incident,” said Dave Kelley, FINRA Director of Member Supervision Specialist Programs.

Kelley also warned that several emails originating from the broker-finra.org domain used a second, more stealthy tactics.

“In at least some situations, emails do not necessarily contain the attachment,” Kelley said. “They could be trying to gain the trust of the recipient so that a follow-up email can be sent with an infected attachment or connection, or a request for confidential firm information.”

SEE ALSO:
Server Misconfiguration Resulted in Data Pertaining to Thousands of Razer Customers

If the attackers were successful in their attacks, they would have access to the Office accouns belonging to some of the most influential brokerage players on the New York Stock Exchange.

According to its website, FINRA says that it manages the regular activities of more than 634,000 registered brokers.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
Hacker

LineageOS shutdown triggered by hackers in violation of main infrastructure

Next Post
Godaddy Data breach

GoDaddy Reports Data Breach on SSH Accounts Used in its Hosting Environment

Related Posts