Pump and Dump Spam Scammers Sell Over 1.5 Million Stocks

Security experts are warning users not to be fooled by a new penny stock spam campaign that has so far seen millions of unsolicited emails find their way into inboxes across the globe in an attempt to artificially drive up the value of an unknown mineral company.

This latest “pump and dump” scam has already become the biggest and most successful of the year to date, with over three million unique samples seen so far, according to security firm Bitdefender.

The spammers typically persuade their victims to buy up so-called “penny stocks” in a company, which rapidly inflates the share price. When it has reached a certain point, they then decide to dump their own shares back on the market, reaping huge profits.

It’s a tactic depicted in the recent hit movie The Wolf of Wall Street, although in that tale the victims were phoned up by dishonest stockbrokers, rather than spammed with offers.

This latest spam campaign attempts to get individuals to buy stocks in a mineral deposit company, apparently using links to reputable sites including Reuters, Nasdaq and MarketWatch to increase its credibility.

Subject lines such as “Read up on this immediately,” and “Christmas is here early my friend,” as well as the content of the spam mails, are crafted to persuade individuals they’re missing out by not investing.

It seems to be working, with transaction volumes reaching 1.6 million stocks in just two days, Bitdefender said.

“Stock spammers make detection harder by using largely spread botnets and sending the spam from many IPs,” the firm’s chief security strategist, Catalin Cosoi, told Infosecurity.

“In this case, classical IP-based detection might be tougher to pull off by traditional security software. The sender's name and address also change from one spam message to another, making detection harder.”

Spam has been sent from compromised computers as far afield as Australia, India and South Korea. Thousands of UK IP addresses have also been detected sending the spam.

“The IPs detected in the UK are most probably infected computers, part of the stock spam botnet,” explained Cosoi. “They are likely spreading the scam without users' knowledge.”
