NFA warns members of phishing attack

NFA warns members of phishing attack

The rise in cyber scams has been yet another fallout of Covid-19, and even the regulators aren’t safe. The NFA requested ‘member vigilance’ this month when it was hit by a phishing attempt.

Amid the multitude of stressors in the day-to-day operations of firms, incessant phishing attempts have become commonplace for organizations as well as individuals. These take many forms: text messages, emails, and an even larger number of scam phone calls than ever before.

In unfortunate synchrony with global trends, NFA notified Members on March 3 of an ongoing phishing campaign that involves fraudulent emails purporting to be from NFA staff using a source domain name “”. NFA reports that some Members have received a follow-up fraudulent email purporting to be from the same NFA staff member that included an attachment and that the attachment, if opened, links to another website that requests the Member employee to provide their email password.

Members should be aware that NFA would not request personal information such as passwords via email.

NFA reminds Members to continue to closely scrutinize the sender’s address on all emails and to immediately delete all emails originating from the domain “” as well as other unfamiliar domains.

As a reminder, all legitimate emails from NFA will come from an address ending in “”, “”, or “” in the case of NFA Swaps Proficiency Requirements correspondence.

Want more insights like this?

Join our mailing list