IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Investors warned to be vigilant of fake SEC alerts

Hackers are targeting victims using phone calls and voice mails about cryptocurrency transactions

The website of the US Securities and Exchange Commission displayed on a web browser

The Securities and Exchange Commission (SEC) has warned investors to be vigilant of a new scam involving communications that claim to be sent from officials acting on behalf of the commission.

The commission has been made aware of several instances where people have “received phone calls or voicemail messages that appeared to be from an SEC phone number”, according to an advisory issued by the SEC's Office of Investor Education and Advocacy (OIEA).

“The calls and messages raised purported concerns about unauthorized transactions or other suspicious activity in the recipients’ checking or cryptocurrency accounts,” warned the advisory.

The OIEA said that the calls and messages “are in no way connected to the SEC”, adding that people receiving such calls should not provide any personal information unless they have verified that they are dealing with the SEC.

The OIEA said that criminals have used the names of real SEC employees and email messages that falsely appear to be from the SEC to trick victims into transferring assets.

“Impersonation of US Government agencies and employees (as well as of legitimate financial services entities) is one common feature of advance fee solicitations and other fraudulent schemes,” said the advisory. “Even where the fraudsters do not request that funds be sent directly to them, they may use personal information they obtain to steal an individual's identity or misappropriate their financial assets.

The SEC said it does not seek money from any person or entity as a penalty for alleged wrongdoing outside of its formal enforcement process.

Related Resource

2021 state of email security report: Ransomware on the rise

Securing the enterprise in the COVID world

2021 state of email security report: Ransomware on the rise - whitepaper from MimecastFree download

"Be skeptical if you are contacted by someone claiming to be from the SEC and asking about your shareholdings, account numbers, PIN numbers, passwords, or other information that may be used to access your financial accounts,” the advisory warned.

In August, IT Pro reported that the Financial Industry Regulatory Authority (FINRA) had discovered a new phishing campaign that involves fraudulent emails using domain names pretending to be the financial regulator.

The advisory said that the fake emails used the false domains @finrar-reporting.org, @Finpro-finrar.org and @gateway2-finra.org. The domains were registered on 12 August 2021.

“None of these domain names are connected to FINRA and firms should delete all emails originating from any of these domain names,” it said in the advisory.

Earlier in June, FINRA published another advisory warning of similar phishing campaign using the domain name “@gateway-finra.org.”

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022