Aggregated News From Investment Management Regulators

Regulatory Notice 20-30 |


Please complete the required fields.


Several firms have recently informed FINRA that malicious actors are using registered representatives’ names and other information to establish websites (“imposter websites”) that appear to be the representatives’ personal sites and are also calling and directing potential customers to use these imposter websites. Imposters may be using these sites to collect personal information from the potential customers with the likely end goal of committing financial fraud.1 This Notice describes certain common characteristics of these sites and actions firms and registered representatives can take to monitor for and address these sites.

Questions concerning this Notice should be directed to David Kelley, Director, Member Supervision Specialist Programs, at (816) 802-4729 or by email.

Background and Discussion

Recently, several member firms have notified FINRA that they are observing fraudsters using registered representatives’ names and other legitimate information to establish imposter websites. (See Attachment A for sample screen shots of such sites.) In addition, FINRA has received reports that the fraudsters are calling and directing potential customers to the imposter websites.

Common features of these websites include the following:

  • using the registered representative’s name as the domain name for the website (e.g.,;2
  • including a picture purporting to be the registered representative;
  • providing information about the registered representative’s employment history, including prior employers’ CRD numbers and examination history; and
  • asking individuals to fill out a contact form with the individuals’ names, email addresses, phone numbers, the subject of the inquiry and space for a message.

In addition, some of the sites contain poor grammar, misspellings, odd or awkward phrasings, or misuse financial services terminology.

In addition, it is possible malicious actors could leverage the domain to send fake emails purporting to be from the registered representative and which may include imbedded phishing links or attachments containing malware.

Member firms and registered representatives can take steps to identify these pages by conducting periodic web searches using registered representatives’ names. In addition, some search engines allow users to create alerts that automatically search for defined terms (e.g., a registered representative’s name) and inform the user of new activity.

Firms may also consider the following steps similar to those FINRA noted last year in connection with risks relating to firm imposter websites:

  • Report the attack to the nearest Federal Bureau of Investigation (FBI) field office or the FBI’s Internet Crime Complaint Center, and the relevant state’s Attorney General via their websites or, if possible, a phone call.3
  • Run a “WHOis” search ( on the site to determine the hosting provider and domain name registrar associated with the imposter website (which may be the same organization in some instances). In some cases, this site also provides relevant contact information.
  • Submit an abuse report to the hosting provider or the domain registrar asking them to take down the imposter website. Continue to engage with the providers by phone or email until the matter is resolved.
  • Seek the assistance of a cybersecurity specialist, attorney or consultant who has experience with this type of fraud.
  • Notify the U.S. Securities and Exchange Commission (SEC), FINRA or other securities or financial regulators.
  • Consider posting an alert about the imposter website and the associated URL on your website, notifying registered representatives and alerting clients—especially those of the registered representative whose name is being misused—to the imposter website and also warning them not to open emails from that domain name.


  1. FINRA issued Information Notice 4/29/19 last year to alert firms of imposter websites targeting firms.
  2. The websites reported to FINRA to date use the correct spelling of the representative’s name unlike some of the imposter firm websites FINRA observed last year that sometimes used common misspellings of a name or visually similar character substitutions.
  3. Member firms should consider proactively reaching out to these authorities to establish a relationship. A pre-established relationship can help facilitate the reporting and resolution process when a member firm experiences an attack.

Source link

Regulator Information

Abbreviation: FINRA
Jurisdiction: United States

Recent Articles

Directive for the beneficial ownership register of express trusts and similar legal arrangements

See the Press Release published by the Cyprus Securities and Exchange Commission (CySEC CY) here: Source link


Attention! The FMA warns investors against concluding transactions with: RichmondSuper (Link to external page. Opens in new window.) [email protected] [email protected] [email protected] [email protected] [email protected] (Link to external page. Opens in new window.) This provider...

Hardson Becker Global

Attention! The FMA warns investors against concluding transactions with: Hardson Becker Global with its registered address apparently in Hangzhou, China This provider is not authorised to carry...

“Let’s talk about money” – money laundering: how illegal assets are given a legal appearance

In the latest edition of its consumer information series, “Let’s talk about money” the Austrian Financial Market Authority (FMA) explains about the term money...

Chair Powell will host town hall with educators August 2, 2021 at 4 p.m. EDT

Please enable JavaScript if it is disabled in your browser or access the information through the links provided below.

Get the latest from Regulatory.News in your inbox!