Notice Regarding SEC-Themed Phishing Campaign
Oct. 13, 2017
The SEC is aware of recent reports of an SEC-themed phishing campaign that has targeted numerous public and private sector entities, including some EDGAR filers. The emails sometimes contain a malicious attachment purportedly containing information about changes in EDGAR filings. Clicking on the attachment(s) results in an attempt to install malicious code designed to obtain unauthorized access to the recipient’s computer and/or network.
Please be advised that the SEC has not sent email notifications to filers that any changes have been made. If the SEC makes changes in how filings are made on EDGAR, it will announce those changes on its website SEC.gov. While the SEC has occasionally informed EDGAR Filers of significant changes to the way they interact with EDGAR by sending a notice via email, those notices will not contain attachments.
Any emails regarding updates or changes to EDGAR filing requirements, particularly any containing attachments, purporting to be from the SEC should be deleted and your network administrator or information security personnel should be notified. If you receive what you believe may be a suspicious email, you can contact the Filer Technical Support at 202-551-8900 Option 3.
More information on phishing, detection methods, and tips for protection can be found in the SEC Investor Publication, “Phishing" Fraud: How to Avoid Getting Fried by Phony Phishermen.”