Posted by David Harley on April 19, 2017.
A few years ago, even before I started working directly with vendors in the security industry, ‘Pump and Dump’ scams were a major nuisance. Here’s a description from a paper Andrew Lee and I wrote after I started working with ESET.
Pump and Dump (or Hype and Dump) mails are designed to inflate the value of stock temporarily by hyping it to potential small investors. Typically, the scammer will buy a large amount of next-to-worthless stock, and then hype the company through spam, hoping other investors will buy it, thus inflating the price. As these duped investors buy stock, its value rises till the scammers sell off their shares at the now inflated price. They then stop hyping the stock and it falls in value, and typically the new investors sustain a financial loss. These mails are still often seen as a minor nuisance, but are rising in volume and widening in geographical scope, and there is evidence that organized crime is making a great deal of money this way.
At that point, this type of scam was still common and had become fairly sophisticated, at least in terms of avoiding detection by anti-spam products. But its impact fairly swiftly declined. I don’t know how prevalent it actually has been in recent years, but it had pretty much slipped off my radar: I wasn’t seeing it in my spam traps, and I wasn’t seeing it reported elsewhere. Not, at any rate, until Paul Ducklin reported a heavy upsurge in Pump and Dump, suggesting that:
‘…the “resting” Necurs zombies still out there and undetected have been called back into service.’
For Virus Bulletin, Martijn Grooten followed up with some references to other sources. And, sure enough, I found similar mails in my own spam traps at around the same time, from scammers claiming that shares in penny stock company InCapta (INCT) were about to soar in value due to a takeover. One message claimed that:
INCT specializes in the manufacturing of high-end specialized drones with real-world applications such as automated dispatching for news coverage by companies like CNN all the way to miniature drones which can be used to gather intelligence for the military, private investigators and police.
This doesn’t seem to be the case: InCapta appears to be a media company with no foothold in the world of drone technology. However, Pump and Dump scans tend to exploit thinly traded companies, about which there is often very little easily-obtained information. Another message claims that the company has:
‘… proprietary algorithms which essentially bring drones to life. These algorithms give the drones the capability to act independent of a physical operator.’
Just what the world needs: skies full of uncontrolled drones…
Subsequently, I’ve become aware of a barrage of similar messages relating to Quest Management (QSMG), a company that apparently distributes fitness equipment. However, the messages I’ve been seeing claim that it is about to make an announcement about a somewhat miraculous cure for cancer. Some of these claims remind me of those posts on social media that tell you how the pharmaceutical industry is suppressing the information that huge volumes of unrelated forms of cancer can be cured by taking a substance that generates cyanide or by eating green vegetables. For instance, one message claims that:
While this isn’t a one hundred percent method, it works good enough to save over 50 million lives a year.
You’d think that would be hard to keep secret, wouldn’t you?
Some of these messages certainly had an unhealthy effect on my blood pressure, perhaps because I spent quite a few years working in medical research environments, and many of these claims just don’t stack up. And according to a comprehensive article by Dynamoo, the stock has already crashed and burned. In fact, the spam hasn’t stopped at time of writing, so the scammers may well be hoping to get another shot at a substantial payday. But by the time you read this, this particular crop of scammers may have turned its attentions to a completely different market sector, so rather than detailing those medical improbabilities, let’s look at some of the less topic-specific characteristics of this type of scam, at least in its present form. (In fact, some of these will also apply to quite different scam types.)
Of course, the actual companies targeted for stock fraud are not necessarily complicit in the fraud: it’s (some of) the people trading the stock that are making the profits. And it’s not always the case that penny stock manipulation is actually illegal. But if you’re going to dabble in it, you really need to know a lot more about it.
Here are a few resources for further information about pump and dump, but I’m not going to tell you that these will tell you everything you need to know about making investments:
David HarleyShare This: Submitted in: David Harley |