Phishers are trying to trick investment brokers into sharing their Microsoft Office or SharePoint login credentials by impersonating FINRA, a non-governmental organization that regulates member brokerage firms and exchange markets.
Phishers target investment brokers with malicious emails
The “widespread, ongoing phishing campaign” takes the form of emails purportedly sent by FINRA VPs Bill Wollman and Josh Drobnyk from @broker-finra.org email addresses.
They can contain an attached document or a malicious link, though occasionally they are just are simply a way to elicit a response and gain the recipient’s trust before sending an email with an infected attachment or link or a request for confidential firm information.
“In other cases, what appears to be an attached PDF file may direct the user to a website which prompts the user to enter their Microsoft Office or phishers target investment brokers office sharepoint login credentials security
