The U.S. Financial Industry Regulatory Authority (FINRA) warned its brokerage firms about an ongoing phishing campaign targeting users to steal personal information. In a security alert, FINRA stated that malicious actors are sending fraudulent emails to users with a source domain “@invest-finra.org.” FINRA has asked users to verify the legitimacy of the email before downloading any attachments or clicking on any links, and also requested the Internet domain registrar to suspend services for the invest-finra.org.
FINRA is a non-profit organization supervised by the Securities and Exchange Commission (SEC) that regulates member brokerage firms and exchange markets in the U.S.
A Homoglyph Technique?
Attackers are impersonating FINRA members by using their real names and images to trick users into believing that they are legitimate. This technique is used in a homoglyph attack, where, cybercriminals misuse the similarities of character scripts to create phony domains of existing brands to trick users into clicking on fraudulent emails. A homoglyph is one of two or more characters or glyphs with shapes that appear identical or very similar.
FINRA has asked users to delete all emails originating from “invest-finra.org.”
Not the First Time
Earlier, FINRA stated that attackers used registered brokers’ data to create phishing emails and imposter websites. The fake emails were embedded with phishing links or malicious attachments that contained malware. Several members fell victim to these sites, compromising their personally identifiable information (PII) like names, email addresses, and contact details. Read the full story here…