Phishing campaign spoofs FINRA

BleepingComputer reports that brokerage firms and brokers across the U.S. have been warned by the Financial Industry Regulatory Authority regarding an active phishing campaign that spoofs the regulator's officials, in an effort to obtain sensitive data. FINRA said that various domains impersonating its official sites — including finrar-reporting[.]org, finpro-finrar[.]org, gateway2-finra[.]org — were used to send the phishing messages. "The email asks the recipient to click a link to 'view request' and provide information to 'complete' that request, noting that 'late submission may attract penalties'," FINRA said in its notice. FINRA urged for immediate notification of any incident involving the clicking of links or images in the phishing emails. Threat actors registered the domains through Hosting Concepts B.V. and NameCheap registrars on August 12. The Internet domain registrar has been sought to suspend services for the domains prior to the release of the FINRA alert. FINRA issued a warning regarding a similar phishing campaign in June.