IMPORTANT :: PHISHING ALERT, MESSAGE POSING AS FINRA DEFICIENCY LETTER WITH MALICIOUS LINKS OR ATTACHMENTS
What happened?
There is an active phishing campaign coming from the @claims-finra.org domain. Messages refer to a potentially malicious attachment and may reference “Deficiency Letters.” Messages also try to elicit a reply in a short period of time. Legitimate FINRA emails or requests would only come from @finra.org.
What can I do?
First, block or blacklist the domain @claims-finra.org. If anyone receives an email from that domain, delete it. Alert your coworkers and IT provider, but do not open or forward the message. Firms can always reach out to FINRA via phone at 240-386-4848 or check the FINRA Firm Gateway to confirm if there are any outstanding information requests.