Phishing Attempt

The Commission has become aware of a possible phishing attempt being sent purporting to be from the Commission.

The email is asking recipients to log into the PQ portal to update their OPQ. 

If you have received an email from the Commission and you are unsure of its authenticity, please do not click on any links or attachments and instead forward it to [email protected]. 

The Commission sends its emails from the domain ending “gfsc.gg” and the email domain that the phishing email came from is “gfsc.app".

Firms are reminded of the guidance available to them in the Commission’s Cyber Rules and Guidance, 2021 and in particular the need to ensure firms:

• and their staff exercise caution and vigilance by not clicking on or opening unfamiliar links in emails;
• have appropriate cyber security software in place;
• implement IT systems updates in a timely manner;
• notify the Commission if they are subject to a significant cyber security event.

UPDATE 10.10.2024: The Commission has carried out an investigation into the phishing attempt which has revealed that this was not a genuine phishing attack but was part of a training exercise run by a third-party for its staff. It serves as a timely reminder to financial services businesses and others to exercise caution and vigilance by not clicking on or opening unfamiliar links in emails and to have appropriate cyber security software in place, implement IT systems updating in a timely manner and notify the Commission if they are subject to a significant cyber security event.