US securities industry regulator FINRA is warning brokerage firms of an ongoing phishing attack pretending to be from ‘FINRA Support.’

FINRA is a government authorized  non-profit organization that regulates all exchange markets and securities firms publicly active in the United States.

Impersonation FINRA

FINRA began warning brokers yesterday that a phishing campaign is sending emails pretending to be from ‘FINRA Support’ but are coming from a third-party domain.

FINRA sample phishing email

The ‘westour.org‘ domain is not connected to FINRA, brokerage firms are urged to delete any emails they receive from this domain. If they clicked on any links or opened attachments, they should immediately report the incident to their network admins. FINRA has asked NameCheap, the Internet domain registrar used to register this domain on 5/27/21, to suspend the westour.org domain.

Even though FINRA requested that domains associated with these attacks be deleted, many domains continue to be registered at various Internet registrars.