The Financial Industry Regulatory Authority warned member firms about a new impostor FINRA website that has an extra “n” in its domain name and could be used by bad actors for a wide range of destructive actions if brokers aren’t careful.
The new imposter website, www.finnra.org, should not be confused with FINRA’s real website, www.finra.org, the self-regulatory group pointed out last week in a notice at its site.
The “finnra.org” domain is “not connected to FINRA and firms should delete all emails originating from this domain name,” it said.
The impostor website looks nearly identical to the actual FINRA site. It contains links to a registration site that is not legitimate, FINRA noted.
It is also “possible bad actors could leverage the domain to send fake emails including those with imbedded phishing links or attachments containing malware,” FINRA warned.
Fraud continued to be a major challenge that broker-dealers faced during the COVID-19 pandemic, with the “biggest potential problem” being phishing attacks, Bill Wollman, an executive vice president at FINRA and head of its office of Financial and Operational Risk Policy, said in May.