Story image

Global warning as spam attacks target stock market manipulation

04 May 17

A massive spam campaign is targeting the share price of a Latvian company by asking them to buy shares in the company.

Information logistics company Retarus spotted the campaign and has issued a worldwide warning, saying that these types of campaigns should raise awareness that attackers are getting smarter.

The company says the particular stock manipulation strategy uses a global botnet of more than 400,000 computers, a limited volume of 50 messages per minute and frequent text variations that can trick keyword-based spam filters.

According to Retarus, it filters out around 9.3 million of these types of spam emails on a daily basis. This campaign’s botnet has used an ‘insidious’ method as the infected systems aren’t paralysed by sending massive volumes of messages. The limited volume means it’s harder for IT administrators to detect them.

The company also says the spammers have also used different ways to give reasons for the stock purchases, including a forthcoming takeover and a breakthrough in cancer research. Spam filters often search for specific keywords, which means they cannot filter the messages properly.

The spammers are not only profiting from a short-term rise in share price due to demand, but they will also benefit from the crash through options.

This is not the first time a malicious campaign has meddled with the stock market: In March, the share price of InCaptcha rose during a four-day spam campaign and then dropped just as fast. 

These types of campaigns have been labeled ‘penny stocks’, which are securities quoted at less than one dollar.

Organisations should keep their spam and virus filters up to date. In addition, all messages with more than a 60% likelihood of being spam should be moved into quarantine.

The company also says that the ‘human factor’ remains an important issue in spam fraud. Useers must adopt increased levels of vigilance and thoroughly check the messages’ plausibility.

Retarus suggests that organisations should also educate their staff about these kinds of attacks. Real-world examples are effective methods to highlight awareness, and guidelines should be put in place for suspicious cases.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.