Mass pump-and-dump scam causes spam level surge

Sophos Press Release

Single PDF spam campaign causes 30% increase in junk email level

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of a huge spam campaign in the last 24 hours, designed to manipulate the share price of a company which sells wireless products to young people. Sophos reports that the scale of the spam campaign is so great that it has resulted in the amount of spam seen by its global traps rising by 30% in the last 24 hours.

The spam messages are being sent to internet users worldwide, with an attached PDF file which urges them to buy shares in a company called Prime Time Group Inc. Investors may not be aware that the spammers have already purchased stock at a cheap price and are trying to artificially inflate its price by encouraging others to purchase more. The spammers plan to then sell off their stock at a profit, which may cause the price to plummet.

The massive spike in spam was first seen at Sophos's spamtraps in Germany at 16:40 BST yesterday, but was quickly seen arriving at other monitoring stations around the world. The email messages are being sent from home PCs that hackers have compromised and turned into zombies.

The pump-and-dump spam message encouraging recipients to purchase stock comes inside a PDF file.

Part of the message reads as follows:

IMAGINE IF YOU HAD THE CHANCE TO BUY A WAL-MART FRANCHISE IN MEXICO RIGHT WHEN IT FIRST OPENED ITS DOORS THERE AND ALL YOU NEEDED WAS A SMALL STAKE TO GET IN.

Hurry, we see this stock starting to make the turn NOW.
Big watch in effect for August 8, 2007!!!!

"The scale of this stock pump-and-dump spam campaign is like nothing we've seen before, and it looks like it is working for the cybercriminals behind it. The share price in this company has rocketed as a result of bogus news being blasted to internet users worldwide," said Graham Cluley, senior technology consultant for Sophos. "In an attempt to get past anti-spam products, criminals are now regularly using PDF files to carry their slick enticements for potential investors. Although a solid anti-spam defense can protect against this menace, there are plenty of people who still haven't defended their email gateways and are being fooled into making an unwise investment."

The company's share price has rocketed as the huge spam campaign has convinced people to invest.

Last month, Sophos published its Security Threat Report July 2007, examining the latest trends in spam, malware and hacking. The report described the trend for spammers to use PDF files to try and escape detection by email gateway filtering products.

Sophos experts report that pump-and-dump stock campaigns account for approximately 25 percent of all spam, up from 0.8 percent in January 2005.

Earlier this year, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns.

Sophos recommends companies protect themselves with a consolidated solution which can defend against the threats of spam, hackers, spyware and viruses.

About Sophos

As a worldwide leader in next-generation cybersecurity, Sophos protects more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyber threats. Powered by SophosLabs – a global threat intelligence and data science team – Sophos’ cloud-native and AI-powered solutions secure endpoints (laptops, servers and mobile devices) and networks against evolving cyberattack techniques, including ransomware, malware, exploits, data exfiltration, active-adversary breaches, phishing, and more. Sophos Central, a cloud-native management platform, integrates Sophos’ entire portfolio of next-generation products, including the Intercept X endpoint solution and the XG next-generation firewall, into a single “synchronized security” system accessible through a set of APIs. Sophos has been driving a transition to next-generation cybersecurity, leveraging advanced capabilities in cloud, machine learning, APIs, automation, managed threat response, and more, to deliver enterprise-grade protection to any size organization. Sophos sells its products and services exclusively through a global channel of more than 53,000 partners and managed service providers (MSPs). Sophos also makes its innovative commercial technologies available to consumers via Sophos Home. The company is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH”. More information is available at www.sophos.com.