FINRA has issued an alert to its member firms warning of a new imposter website, www.finnra.org (notice the extra “n” in the domain name). While FINRA has requested that the Internet domain registrar suspend services, at the time this article was written, the website was still active and looks identical to the real FINRA website.
FINRA warns that criminals could use the domain to send fake emails including those with embedded phishing links or attachments containing dangerous malware. The domain of “finnra.org” is not connected to FINRA in any way and anyone should delete all emails originating from this domain name.
Provided below is a screenshot of the fraudulent website. As you can see, it looks almost identical to that of FINRA’s legitimate website, minus the slight alteration in the URL.
One portion of the website contains a link to a registration site that is not legitimate. The registration button in the top, right-hand corner of the imposter website leads to a gated form that is in no way affiliated with FINRA.
Back in May, FINRA issued a similar warning, informing member firms of a widespread, ongoing phishing campaign that involved fraudulent emails purporting to be from FINRA officers. To learn more about that incident, see Quest CE’s blog article Don’t Fall Victim to this FINRA Phishing Scam.
To read the full FINRA notice, click here.