Fraudulent Phishing Emails – A Warning from FINRA

FINRA warns member firms to be on the lookout for a fraudulent phishing emails that are currently circulating. Recently, member firms have reported to FINRA that they have received suspicious emails targeting their compliance personnel.

Recognizing the Red Flags of Fraudulent Phishing Emails

The firms have recounted that they have received suspicious fraudulent phishing emails from a purported BSA-AML compliance officer working at what appears to be a legitimate Indiana-based credit union. The email references a transfer of money made by a firm client to the credit union, a transaction that according to the email was placed on hold due to concerns about potential money laundering. The email contains an attachment that, if opened, could pose security risks to the firm.

The sender attempted to give some legitimacy to the email by including a reference to a provision of the USA PATRIOT Act that relates to the ability of financial institutions to share information with each other.

The fraudulent phishing emails which contain red flags of potential fraud, include:

  • an email address that appears to be from Europe, rather than the U.S.-based credit union;
  • numerous instances of poor grammar and sentence structure; and
  • a request that the recipient open the email attachment for more details.

Take Action

FINRA advises firms that receive suspicious emails from an unknown source to use caution before replying to the sender or opening any links or attachments. If your firm has received suspicious emails, here are some ways to report the incident to FINRA:

  • contact your Regulatory Coordinator;
  • file an online regulatory tip at www.finra.org;
  • send an email to [email protected]; or
  • call FINRA’s Whistleblower Line at (866) 963-4672.

As a reminder, fraudulent phishing emails are ever-changing and are designed to infiltrate the computer network of the recipient. You should always use caution when opening emails from unknown senders and do not open attachments until you verify the sender and information that might be included in the document.

The full FINRA Information Notice can be accessed here.

To explore other important topics relating to Broker-Dealers, click here.