Information Notice – 10/2/19
Several member firms recently notified FINRA that they have experienced email account takeovers (ATOs) while using cloud-based email platforms, including Microsoft Office 365 (O365). Attackers used compromised email accounts to defraud member firms by requesting fraudulent wire requests or stealing confidential firm information or non-public personally identifiable information (PII).
This Notice outlines the attackers’ tactics in executing ATOs, as well as steps taken by member firms to address ATO risks when using cloud-based email systems.
Questions concerning this Notice should be directed to:
- David Kelley, Surveillance Director, at (816) 802-4729.