The Financial Industry Regulatory Authority has issued Regulatory Notice 21-20 warning firms of an ongoing phishing campaign that involves fraudulent emails that appear to be from FINRA but use the domain name “@gateway-finra.org.”
The phony emails ask recipients to click on a link and provide information, noting that a “late submission may attract penalties.” FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
The domain of “gateway-finra.org” is not connected to FINRA, and firms should delete all emails originating from this domain name, the regulator said. FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments, or clicking on any embedded links.
FINRA has requested that the Internet domain registrar suspend services for “gateway-finra.org.”