Close Close
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards

Regulation and Compliance > Federal Regulation > FINRA

FINRA Warns of BD Phishing Scam

Your article was successfully shared with the contacts you provided.

The Financial Industry Regulatory Authority warned broker-dealers Wednesday to be on the lookout for a phishing email targeting compliance personnel.

Brokerage firms have reported to FINRA that the email appears to be from a legitimate credit union attempting to notify the firm about potential money laundering involving a purported client of the firm.

“The email directs the recipient to open an attached document — which likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network,” FINRA states in a Information Notice.

Phishing scams are ever-changing and are designed to infiltrate the computer network of the recipient, FINRA points out.

The BDs reported receiving suspicious emails from a purported BSA-AML compliance officer working at what appears to be a legitimate Indiana-based credit union.

The email references a transfer of money made by a firm client to the credit union, a transaction that according to the email was placed on hold due to concerns about potential money laundering, FINRA says.

“The email contains an attachment that, if opened, could pose security risks to the firm,” FINRA states. “The sender attempted to give some legitimacy to the email by including a reference to a provision of the USA Patriot Act that relates to the ability of financial institutions to share information with each other.”

Attachments from unknown sources should not be opened unless cleared by your network security provider, FINRA warns.

The email contains red flags of potential fraud, including:

  • an email address that appears to be from Europe, rather than the U.S.-based credit union;
  • numerous instances of poor grammar and sentence structure; and
  • a request that the recipient open the email attachment for more details.


© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.