A new phishing campaign is targeting SEC-registered advisors by claiming to be from the regulator’s chief information officer.
The compliance firm ACA Group first became aware of the phishing campaign on Tuesday. Though the scope of the campaign is hard to ascertain, ACA Group revealed in an alert issued Wednesday that they’d heard from multiple clients about the scam email purporting to be from SEC CIO David Bottom.
The emails include some variations, but all have “virumail.com” following the “sec.gov” in the sender’s email address. According to ACA Group, Virumail is “commonly used in phishing attacks to spoof legitimate email addresses.” In the messages, the sender asks the recipient to reply and confirm their email address to secure future communications.
“This is a common form of ‘pretexting’ used in phishing scams to verify active contacts and build trust in future interactions,” the ACA alert read. “Since this message was benign, the recipient is more likely to interact with the next message, which will likely redirect to a harmful site, trick them into downloading malware, or result in some other harm.”
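The two signals the alert describes, a sender address in which “sec.gov” is followed by another domain, and a benign-looking request to reply, are both checkable on the message headers before anyone reads the body. The script below is an added example written for this article, not code from ACA Group or the SEC; the sample headers are constructed to mirror the pattern described above, and the `TRUSTED_DOMAINS` allowlist and the `virumail.com` lookalike addresses are assumptions used only for illustration. It parses the `From` and `Reply-To` headers, accepts only an exact match or a true subdomain of a trusted domain, and separately flags messages where the trusted name merely appears somewhere in the address.

```python
import re
from email.utils import parseaddr

# Constructed allowlist: domains from which this firm expects genuine regulator mail.
TRUSTED_DOMAINS = {"sec.gov"}

# Constructed sample headers modelled on the pattern in the alert: "sec.gov" appears in
# the sender address but is followed by "virumail.com", so the real domain is not sec.gov.
SAMPLE_MESSAGES = [
    {"From": "David Bottom <cio@sec.gov>"},
    {"From": "David Bottom <cio@sec.gov.virumail.com>"},
    {"From": '"cio@sec.gov" <noreply@virumail.com>'},
    {"From": "David Bottom <cio@sec.gov>", "Reply-To": "confirm@virumail.com"},
    {"From": "Alice <alice@example.com>"},
]


def sender_domain(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header, or None."""
    _, addr = parseaddr(header_value)
    if "@" not in addr:
        return None
    return addr.rsplit("@", 1)[1].strip().lower()


def is_trusted(domain):
    """Exact match or a true subdomain on a label boundary; never a plain substring test."""
    return any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS)


def mentions_trusted_name(text):
    """True when a trusted domain appears at a label boundary anywhere in the header text
    (catches 'sec.gov.virumail.com' and a display name of 'cio@sec.gov', not 'parsec.gov')."""
    lowered = text.lower()
    return any(re.search(r"(?<![a-z0-9-])" + re.escape(t), lowered) for t in TRUSTED_DOMAINS)


def classify(headers):
    """Triage one message from its From and optional Reply-To headers."""
    from_domain = sender_domain(headers.get("From", ""))
    if from_domain is None:
        return "unparseable"
    reply_to = headers.get("Reply-To")
    reply_domain = sender_domain(reply_to) if reply_to else None
    if is_trusted(from_domain):
        # The scam asks the target to reply; a Reply-To pointing elsewhere is the tell.
        if reply_domain and not is_trusted(reply_domain):
            return "reply_to_mismatch"
        return "trusted"
    # Not a trusted domain, but a trusted name is visible in the headers:
    # the "sec.gov ... virumail.com" shape the alert describes.
    if mentions_trusted_name(" ".join(headers.values())):
        return "lookalike"
    return "external"


def triage(messages=SAMPLE_MESSAGES):
    """Classify a batch of messages; returns one verdict per message, in order."""
    return [classify(m) for m in messages]


if __name__ == "__main__":
    for msg, verdict in zip(SAMPLE_MESSAGES, triage()):
        print(f"{verdict:18} {msg}")
```

The subdomain rule (`mail.sec.gov` is trusted, `sec.gov.virumail.com` is not) is the point of the check: the spoof relies on a reader scanning left to right and stopping at the familiar name, whereas the registrable domain is read from the right. In a real mail gateway the same verdicts would typically be combined with SPF/DKIM results rather than used alone.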
The alert includes a sample email sent to a client, with the affected firm name redacted. The group urged clients who get an email like that not to click on any links, respond to the email or download attachments and to be cautious of “alarmist” email subject lines. The group also suggested firms confirm SEC emails by “contacting a trusted SEC representative.”
“Do not use the details provided in the suspicious email—instead, refer to contact information listed on the SEC’s website or from another reliable source your firm already uses,” the alert read.
The SEC did not respond to a request for comment prior to publication.
Fraudsters impersonating regulators continue to target registered firms and advisors. Last autumn, FINRA warned reps about an ongoing phishing campaign from scammers posing as FINRA leaders. The campaign included a PDF attachment that could contain malicious content.
In the emails, the scammers claimed to be FINRA executives trying to collect information from the member firm’s owner or CEO. They often told the recipients to follow the directions included in the attached document within 48 hours to avoid penalties or fines. The scammers tried to sidestep reps’ due diligence by saying the request couldn’t be fulfilled by contacting FINRA.
Though it wasn’t clear how many firms were affected, Max Schatzow, a partner with RIA Lawyers, said several firms with hundreds of millions in managed assets, and one firm with billions in AUM, had contacted him after receiving phishing attempts.