CSA Warns Registrants About Malicious Impersonation Scam Emails

CSA News (Canadian Securities)

Detected February 11th, 2026

Email Set alert

Summary

The Canadian Securities Administrators (CSA) has issued a warning to registrants about a malicious spear phishing scam. The emails impersonate the CSA and aim to obtain personal or confidential business information. Registrants are urged to be vigilant, verify sender addresses, and report suspicious emails.

View original document View source feed page

What changed

The Canadian Securities Administrators (CSA) has issued a notice warning registered entities about a sophisticated spear phishing scam. The fraudulent emails impersonate the CSA, using a domain not associated with the organization, and are designed to trick recipients into revealing personal or confidential business information. The CSA emphasizes the importance of verifying sender authenticity and treating any suspicious communication with extreme caution.

Regulated entities receiving such emails are advised to delete them immediately and report them to their local securities regulator. If a link has been clicked or an attachment opened, individuals should take immediate steps to change passwords and notify their internal security departments. This notice serves as a reminder for vigilance against evolving cyber threats targeting financial professionals in Canada.

What to do next

Verify the authenticity of all emails claiming to be from the CSA or its member organizations.
Do not click on links or open attachments in suspicious emails.
Report any suspected phishing emails to your local securities regulator and the CSA.