Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have
identified a German "pump-and-dump" stock spam campaign which uses
an attached PDF file too hoodwink potential investors.
In a new spam campaign identified by Sophos researchers,
messages are being sent to German internet users encouraging them
to read an attached PDF file which urges them to invest in stock in
a company called Talktech Media, who are listed on the Frankfurt
stock exchange. In examples seen by SophosLabs, the PDF file
carries the bizarre name sexy_ganja_report.pdf.
Internet users may not be aware that the spammers are likely to
have already purchased stock at a cheap price and are trying to
artificially inflate its price by encouraging others to purchase
more. The spammers plan to then sell off their stock at a profit,
which may cause the price to plummet.
The pump-and-dump spam message comes complete
with a PDF file encouraging recipients to purchase stock in
"Internet users without anti-spam protection are probably used
to seeing messages in their inbox telling them to buy shares in
companies they've never heard of, but usually the promotions are in
the form of regular text or an embedded image," said Graham Cluley, senior
technology consultant for Sophos. "In an attempt to get past
anti-spam filters criminals are now using PDF file attachments to
carry their slick enticements for people to invest. The positive
news is that a good anti-spam defense can protect against this
nuisance, but the rewards for this kind of crime mean that spammers
are unlikely to stop their pump-and-dump scams anytime soon."
Sophos experts report that pump-and-dump stock campaigns account
for approximately 25 percent of all spam, up from 0.8 percent in
Earlier this year, Sophos reported how the
US Securities and Exchange Commission (SEC) had suspended trading
in 35 companies as they were found to be commonly referenced in
pump-and-dump stock email campaigns.
Sophos recommends companies protect themselves with a consolidated solution which can defend against the
threats of spam, hackers, spyware and viruses.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.