Pump-and-dump scammers attempt to manipulate German stock exchange

March 28, 2007 Sophos Press Release

Sophos, a world leader in IT security and control, has warned European investors of the danger of pump-and-dump stock scams following the discovery of a spam campaign designed to manipulate the share price of a company listed on the German stock exchange.

US-based energy company Stonebridge Resources Exploration Ltd announced its listing on the Frankfurt Stock Exchange on 1 March 2007 under the ticker symbol S3C.

Yesterday, SophosLabs™ experts identified an active spam campaign encouraging German investors to buy shares in the company. In the scam, known as a "pump-and-dump", spammers purchase stock at a cheap price and then artificially inflate its price by encouraging others to purchase more (often by spamming "good news" or "investment tips" about the company). The spammers then sell off their stock at a profit.

Trading in the stock soared as the spam campaign was distributed via email.

"This is the first time we have seen a widespread spam campaign trying to influence a stock market based outside of the USA, and German language users may be at risk of losing money," said Graham Cluley, senior technology consultant for Sophos. "We saw the price of this stock rise immediately after we intercepted the spam campaign, and there is a danger that some people may be fooled into investing in this firm for bogus reasons. It will be interesting to see if stock scammers, who have plagued North American-listed penny stocks for some time, will now turn more of their attention to European markets."

Unusually, this pump-and-dump stock scam tries to influence the share price of a company listed outside the USA.

"Some people may be puzzled by the strange use of language in the second half of the email. This is what our labs call 'spamglish' - a mixture of random English words used by spammers in an attempt to slip the email past anti-spam filters," continued Cluley. "This is a classic spammer trick to try and avoid gateway defenses, but should help the human eye identify that the email is far from legitimate."

Sophos's Security Threat Report 2007 revealed that pump-and-dump stock campaigns accounted for approximately 25 percent of all spam last year, up from 0.8 percent in January 2005.

Earlier this month, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns.

Sophos recommends that companies use a consolidated IT security solution to protect against the threats of spam, spyware and malware.