A massive spam blast that started Tuesday is still in progress and shows no sign of abating, a security company said. “The scale of this stock pump-and-dump spam campaign is like nothing we’ve seen before,” said Graham Cluley, a senior technology consultant at Sophos PLC. Similar to countless other e-mail campaigns in both delivery method and intent — the message arrives as a Portable Document Format (PDF) file and baits the scam by touting quick money to be made on an up-and-coming, if completely unknown, stock.
http://www.pcworld.com/article/id,135679/article.html[Sophos news release] Mass pump-and-dump scam causes spam level surge Single PDF spam campaign causes 30% increase in junk email levelExperts at SophosLabs, Sophos’s global network of virus, spyware and spam analysis centers, have warned of a huge spam campaign in the last 24 hours, designed to manipulate the share price of a company which sells wireless products to young people. Sophos reports that the scale of the spam campaign is so great that it has resulted in the amount of spam seen by its global traps rising by 30% in the last 24 hours.The spam messages are being sent to internet users worldwide, with an attached PDF file which urges them to buy shares in a company called Prime Time Group Inc. Investors may not be aware that the spammers have already purchased stock at a cheap price and are trying to artificially inflate its price by encouraging others to purchase more. The spammers plan to then sell off their stock at a profit, which may cause the price to plummet.The massive spike in spam was first seen at Sophos’s spamtraps in Germany at 16:40 BST yesterday, but was quickly seen arriving at other monitoring stations around the world. The email messages are being sent from compromised home PCs, turned into compromised zombies by hackers.”The scale of this stock pump-and-dump spam campaign is like nothing we’ve seen before, and it looks like it is working for the cybercriminals behind it. The share price in this company has rocketed as a result of bogus news being blasted to internet users worldwide,” said Graham Cluley, senior technology consultant for Sophos. “In an attempt to get past anti-spam products criminals are now regularly using PDF files to carry their slick enticements for potential investors. Although a solid anti-spam defense can protect against this menace, there are plenty of people who still haven’t defended their email gateways and are being fooled into making an unwise investment.”Last month, Sophos published its Security Threat Report July 2007, examining the latest trends in spam, malware and hacking. The report described the trend for spammers to use PDF files to try and escape detection by email gateway filtering products.Sophos experts report that pump-and-dump stock campaigns account for approximately 25 percent of all spam, up from 0.8 percent in January 2005.Earlier this year, Sophos reported how the US Securities and Exchange Commission (SEC) had suspended trading in 35 companies as they were found to be commonly referenced in pump-and-dump stock email campaigns.Sophos recommends companies protect themselves with a consolidated solution which can defend against the threats of spam, hackers, spyware and viruses.http://sophos.com/pressoffice/news/articles/2007/08/spam-pump.html
Huge Spam Spike in Progress
A massive spam blast that started Tuesday is still in progress and shows no sign of abating, a security company said. “The scale of this stock pump-and-dump spam campaign is like nothing we’ve seen before,” said Graham Cluley, a senior technology consultant at Sophos PLC. Similar to countless other e-mail campaigns in both delivery method and intent — the message arrives as a PDF file and baits the scam by touting quick money to be made on an up-and-coming, if completely unknown, stock.