Skip to main content

Hello,

Last week ESI received two notifications (from the Virginia Division of Securities and from FINRA) on fraudulent phishing email purporting to be from them. They are noted below. We would like to make you aware of these possible phishing emails (and possibly others that may appear to come from a regulator). Please be aware that these campaigns will often use different email addresses.  Please do not open them and report them as Phishing.

If you have any questions, please contact your supervisor.

Thanks!


June 24, 2021

Division of Securities and Retail Franchising Alert to Advisors Regarding Phishing Email

The Division of Securities and Retail Franchising (“Division”) warns registered investment advisors (“IAs”) of an ongoing phishing campaign that involves fraudulent emails (see sample in Appendix) purporting to be from the “Division of Securities and Retail Franchising”.  The fraudulent email typically asks the recipient to click on a link in the email to view IA fee changes.  Do not click on the link as doing so may load malware on your computer or result in other undesired consequences.  The Division recommends that anyone who has received such an email and clicked on the link in that email, immediately notify the appropriate individuals in their firm as well as the appropriate authorities, and run a total virus scan on the computer.

The email was clearly a phishing attempt because:

The Division reminds advisors to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links. 

Questions regarding this Notice should be directed to the Division’s Registration section at (804) 371-9686. 

Appendix

Confidential


Please Note:

FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails (see sample in Appendix) purporting to be from “FINRA Membership” and using the email address “supports@finra-online.com”. The email asks the recipient to respond to an issue of “regulatory non-compliance for which your immediate response is required” and then asks the recipient to click on a link or document. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident. The domain of “finra-online.com” is not connected to FINRA and firms should delete all emails originating from this domain name. To review the Regulatory Notice, please click: https://www.finra.org/rules-guidance/notices/21-08.

TC121733(0621)1