Imposter Websites Reported by Member Firms

FINRA has recently received notice from several FINRA member firms indicating that they have been victims of imposter websites designed to mimic their actual websites with the end goal of committing financial fraud.

What is an Imposter Website?

An imposter website typically is designed to mimic a member firm’s actual website to obtain clients’ personally identifiable information (“PII”) or login credentials. Malicious parties have been targeting FINRA member firms regardless of whether those firms have an existing online presence. In some cases, they have also created email domains and accounts to correspond to the imposter websites. While this is not a new attack strategy, FINRA has indicated that they have observed an increasing frequency of such attacks on broker-dealers.

Be Proactive Against Imposter Websites

Firms can take proactive steps to monitor for imposter websites. For example, firms may consider registering website URL name variations, such as common misspellings or visually similar character substitutions, and using social media or website monitoring services to watch for any imposter websites.

Additionally, firms may consider taking the following recommended actions to address and deactivate the imposter websites should they be detected:

  • Report the attack to local law enforcement, the nearest Federal Bureau of Investigation (FBI) field office or the FBI’s Internet Crime Complaint Center, and the relevant state’s Attorney General.
  • Run a “WHOis” search (www.whois.net) on the site to determine the hosting provider and domain name registrar associated with the imposter website. This site may also contain relevant contact information.
  • Submit an abuse report to the hosting provider or the domain registrar asking them to take down the imposter website.
  • Seek the assistance of a cybersecurity specialist attorney or consultant who deals with this type of fraud as they may have some law enforcement or hosting provider contacts, or potential legal or other steps not outlined above.
  • Notify the U.S. Securities and Exchange Commission (SEC), FINRA or other securities or financial regulators.
  • Consider posting an alert on your website and sending email notifications to warn clients of the imposter website(s) and the associated URL(s).

As always, Securities Compliance Management stands ready to assist our clients with the compliance and regulatory needs.

For more information about cybersecurity concerns, please consult the FINRA Cybersecurity page or our previous blogs on the topic.