Sophos Smells Super-Sized Spam Stock Scam

Internet security research firm Sophos has warned of a massive spam campaign it has detected within the past 24 hours.

The spamming operation, known as a “pump and dump,” was designed to boost the share price of company that sells wireless products to young people, according to Sophos.

“On Tuesday, August 7, we saw a spike in the amount of spam being captured in our filters,” Ron O’Brian, a Sophos security analyst, told TechNewsWorld. “The spike of about 30 percent was directly attributed to a campaign that targeted a company called ‘Prime Time Group.'”

The scope of the campaign is so large that Sophos has seen the amount of spam in its global traps rise by some 30 percent in the last day.

Pump and dump stock campaigns represent some 25 percent of all spam, Sophos said, an 0.8 percent increase since January 2005.

Investor Relations

Nefarious individuals are sending the spam messages to Internet users around the world, said Sophos. The messages contain a PDF attachment that, when opened, encourages the viewer to purchase shares in Prime Time Group (PTG). These investors, Sophos said, may not be aware that the e-mails originate from individuals who have already purchased stock at a significantly lower price and are attempting to inflate the price through purchases from other investors.

“The influence exerted by a pump and dump scam affects the earning by allowing sales of the stock to fluctuate drastically,” O’Brien explained. “Often the spammers are the ones who benefit from the increase in value of the stock, but the identity of the spammers is obscured by the large number of individuals buying and selling the stock for a quick profit.”

In the long run, the stock’s value decreases significantly, leaving those who did not sell early holding stocks with a much lower selling price than the price at which they were purchased, often making them virtually worthless.

Despite warnings from the SEC about buying or selling stocks advertised in these spam campaigns, O’Brien stated, the public continues to fall for these types of scams.

Scams and Your Computer

These spamming campaigns have a deleterious affect not only on the unwary investor’s bottom line, but also on his or her PC. The spammers send their e-mail messages via compromised home PCs, which hackers have turned into slave systems called “zombies.”

“There is a direct correlation between the volume of spam being relayed and the spread of the ‘Dref and Dorf’ which make up the malware family commonly referred to as ‘Storm'”, O’Brien said. “Storm was spread over the July 4 weekend through a series of e-greeting cards.”

When users click on the link contained in the e-card, the malware is then downloaded onto computers without any virus or malware protection. “These infected computers are now being used to distribute the pump and dump spam,” O’Brien pointed out.

In a report released earlier this year, the security firm noted that the US Security and Exchange Commission (SEC) had suspended trading in 35 companies frequently referenced in pump-and-dump spamming scams.

“This type of stock manipulation is illegal and as we have seen in the past, the parties who are responsible can be charged with a crime,” O’Brien concluded. “Anyone who receives an e-mail purporting to be a stock tip should delete the e-mail. Participating in a stock scam by buying and selling the stock is a crime and can result in prosecution.”

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels