Office of Securities

IMPORTANT NOTICE
October 16, 2024

CYBERSCURITY ALERT:
Phishing Campaign Impersonating FINRA Staff

The Maine Office of Securities advises Maine-licensed firms and individuals to watch out for an ongoing phishing campaign involving emails that falsely purport to be from FINRA executives. The phishing emails claim that FINRA is attempting to collect information from the member firm's owner or CEO and that the firm will be fined or penalized if the requested information is not provided.  Other common features of the phishing emails reported by Maine firms include:

  • A PDF attachment titled "FINRA RFI Oct24.pdf" that appears to be blank but could contain malicious content
  • The emails come from fraudulent domains such as gateway-finra[.]com or gateways-finra[.]org
  • A demand that the recipient provide the "required information in strictest confidence" and not attempt to contact FINRA by phone or through FINRA Gateway

These emails are not from FINRA.  The Maine Office of Securities advises licensees to delete these emails and consider blocking the fraudulent domains.  This phishing campaign is a reminder that firms and individuals should always verify the legitimacy of any suspicious emails before responding, opening attachments, or clicking on embedded links.

For more information about the FINRA impersonation phishing campaign and steps that firms can take to protect themselves, please see the the alert posted on the FINRA website:  https://www.finra.org/rules-guidance/guidance/cybersecurity-alert-phishing-campaign-100924

Please contact the Maine Office of Securities at (207) 624-8551 with any questions.

 

 

 

 

This email was sent to [email protected] using GovDelivery Communications Cloud on behalf of: Maine Office of Securities · 121 State House Station · Augusta, MA 04333 GovDelivery logo