Articles Tagged with Phishing

The Securities and Exchange Commission (“SEC”) recently published its sixth risk alert on cybersecurity since 2014. In this alert, the SEC focused on how its regulated firms protect themselves against ransomware risk. I previously wrote about the SEC’s last risk alert on ransomware here.

Ransomware is malware that stops a user from accessing either part or all of the data within their network or other systems until a ransom is paid. For ransomware to be effective, it must gain access to network data in some form or fashion, usually through user error, such as a user clicking a link, downloading a file, or doing something else that affirmatively gives the ransomware access to data. From there, the hacker typically encrypts the data and demands payment to decrypt it.

Studies vary, but up to 90% of financial services firms, including investment advisers, broker-dealers and investment companies, report that they have been targeted by ransomware. The SEC also reports that these targeted attacks have become more sophisticated over the last few years, which requires firms to allocate more resources to protect themselves.

FINRA has alerted its Member Firms to be on the watch for a fraudulent phishing email scheme targeted at compliance personnel. A phishing scheme typically uses email or some other type of electronic message that mimics a message from a trustworthy party to trick the recipient into clicking a malicious link or opening an infected file attachment. This particular scheme employs an email purportedly originating from an Anti-Money Laundering compliance officer at an otherwise apparently legitimate Indiana-based credit union. The email—which was received recently by a number of FINRA Member Firms—specifically targets compliance personnel by appearing to be a communication about an attempted transfer of money from a client of the recipient’s firm to the credit union, a transfer that has supposedly been placed on hold due to concerns about potential money laundering. The scam is designed to get the recipient to open an attachment, which, according to FINRA, “likely contains a malicious virus or malware designed to obtain unauthorized access to the recipient’s computer network.”

FINRA noted the following additional aspects of the fraudulent email that recipients should be alert for:

  • An otherwise legitimate reference to a provision of the USA Patriot Act allowing financial institutions to share information with each other.
  • An actual email address that appears to be from Europe, rather than the U.S.-based credit union.
  • Numerous instances of poor grammar and sentence structure.
