Note:
- On March 13, 2026, this Industry Letter was updated to include an additional domain identified to be targeting DFS regulated entities: [@]linkkereso.com.
- On March 27, 2026, this Industry Letter was updated to include the following additional domains identified to be targeting DFS regulated entities: [@]dfs.ny.gov.goencryvia.com and [@]dfs.gov.myencryvvia.com.
- On April 29, 2026, this Industry Letter was updated to reference fraudulent phone calls impersonating the Department.
Industry Letter
Date: January 22, 2026
To: All DFS-Regulated Entities and Individuals
Re: Cybersecurity Threat Alert – Phishing Scam Impersonating DFS
The Department of Financial Services is alerting regulated entities and individuals to use caution before responding to outreach from individuals falsely claiming to represent DFS.
DFS recently became aware of phishing emails purporting to come from DFS personnel urging regulated entities to open files, make payments, and/or claims to share a file that is missing to prompt further engagement. DFS urges all regulated entities to closely review email header information, including the email address used to transmit the email.
Legitimate DFS emails will be sent only from [@]dfs.ny.gov or [@]public.govdelivery.com. At least some of the messages claiming to be from DFS were sent from [@]myportal.dfs.ny.gov.cazepost.com, [@]linkkereso.com, [@]dfs.ny.gov.goencryvia.com, and [@]dfs.gov.myencryvvia.com. Emails from these domains are not legitimate.
In addition to emails from these domains, consumers should be aware of phone calls impersonating the Department. The Department will never ask consumers to call the agency back at a different number.
If you receive unexpected communications from DFS requesting immediate payment, to open an attachment, or to enter account credentials, you should confirm the legitimacy of the communication before taking action. Do not use contacts or links provided in these emails. Instead, directly reach out to DFS via your primary point of contact or the DFS Consumer Assistance Unit.
As always, regulated entities and individuals should exercise caution when asked to provide sensitive information, open attachments, enter account credentials, change payment instructions, or issue payments. DFS urges regulated entities and individuals to continue regular personnel training and simulated phishing exercises in addition to technical controls such as email filtering and alerts for external emails.