FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails that include the domain “@invest-finra.org”. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
The domain of “invest-finra.org” is not connected to FINRA and firms should delete all emails originating from this domain name.
FINRA has requested that the Internet domain registrar suspend services for “invest-finra.org”.
FINRA reminds firms to verify the legitimacy of any suspicious email prior to responding to it, opening any attachments or clicking on any embedded links.
Source: U.S. Financial Industry Regulatory Authority