FINRA recently released Regulatory Notice 21-18 addressing an increase in customer account takeover attempts (“ATO”). An ATO involves bad actors who utilize customer information, including usernames and passwords, to gain unauthorized access to online accounts, including online brokerage accounts. An ATO often occurs via phishing emails and social engineering attempts.

FINRA released a regulatory notice warning all member firms of a phishing attempt from an organization trying to impersonate FINRA. Phishing is a cybercrime where targets are contacted by email by someone pretending to be a legitimate organization to lure individuals into responding with sensitive data.