We are alerting our community to ongoing phishing campaigns using email addresses that falsely claim to be associated with FINMA International or FINMA Switzerland.
Legitimate communications from FINMA will always come from official domains, such as:
- @finma.international
- @finma.ch
- (and other verified subdomains when appropriate)
Any messages from unofficial or suspicious domains — such as @finma-security.com, @finma-verify.net, or others not recognised by our organisation — should be treated as potentially fraudulent.
Important: While FINMA may request identification documents during regulatory or compliance procedures, such requests will only come through secure and verifiable channels from authorised addresses.
How to Protect Yourself:
- Do not respond to unexpected or suspicious emails.
- Do not click links or download attachments unless you have verified the sender.
- Report any phishing attempts to: lisa.robson@finma.international
We take your privacy and security seriously. Please stay vigilant and help us protect the integrity of financial communications.
Sincerely,
FINMA International Security Team
www.finma.international
