On February 13, 2019, FINRA released an alert to Brokerage firms warning of a fraudulent phishing e-mail that is circulating and targeting compliance personnel.
The e-mail appears to come from a credit union and reports on potential money laundering involving a purported client of the firm. The e-mail contains and attachment--WHICH SHOULD NOT BE OPENED.
CALL TO ACTION
As with any suspicious e-mail or Web site, I recommend NOT taking any action other than reporting the message to the appropropriate member of your team. You may also notify NS.BC of receipt of this or any other questionable message. Please do not forward any attachments. A member of the NS.BC team may request further information such as: e-mail headers, exact time-and-date of delivery or may ask for a remote session in order to gather further intel.
HOW NS.BC HELPS
NS.BC offers several layers of security in order to help protect against malicious activity. If you are unsure if your firm is utilizing one or more of these protective security layers, please submit a ticket to the NS.BC Support Queue and request a call to evaluate your existing technology security infrastructure.
REFERENCES AND READING
Official FINRA Announcement (full notice PDF available for download from FINRA Web site)
Bleeping Computer extract and analysis
SANS Newsbites E-mail announcement