Retarus Press Release:
Online fraudsters bank on stock market manipulation
Retarus issues warning about spam wave purporting to offer stock market tips
Munich, 02.05.2017 // The security experts at Retarus are warning users about a spam wave spreading quickly across email inboxes. The email security provider has recently recorded a sharp rise in the volume of messages proposing that readers buy supposedly promising shares. By means of these investment recommendations, cyber criminals are trying to influence the share price of a particular company’s stock to their own advantage.
In the current wave of attacks, the authors are calling for recipients to buy securities in the company Quest Management Inc. Through this scam the spammers are not only profiting from a short-term rise in the share price based on demand for the stocks, but also stand to benefit from the subsequent crash by holding options. That this logic actually adds up was clearly shown by a similar attempt at fraud in March. The share price of InCaptcha Inc. initially sky-rocketed during a 4 day spam wave and then plummeted just as fast thereafter. The stocks recommended in these types of spam emails are mostly so-called “penny stocks”, which are securities quoted at less than a dollar.
Fraudsters are using a world-wide botnet consisting of 400,000 computers
Retarus’ systems alone filter out around 9.3 million of these types of spam emails on a daily basis. According to analyses done by the security experts, the current attack is being carried out by a botnet which is estimated to have hijacked 400,000 computers to do its dirty work. In the current case the spammers are proceeding extremely insidiously, as the infected systems are not paralyzed by distributing huge volumes of messages, as is usually the case. Instead, by limiting the transmission to a maximum of 50 emails per minute, their activities generally remain under the thresholds at which IT administrators would become aware of them.
Spam filters outsmarted by numerous text variations
The spammers also continually adapt and modify the text in the spam messages. The company name, for instance, was written in full in messages at the beginning of the attack, while in more recent versions only the securities identifier “QSMG” is mentioned in a more coded way. The recommendation to buy the stocks is also substantiated in various ways – some emails refer to a forthcoming takeover and others herald an amazing breakthrough in cancer research. So for many conventional spam filters these kinds of attacks are difficult to identify in time, as they solely rely on searching for specific keywords.
That’s why it is crucial to keep the signatures of the spam and virus filters up to date at all times. Retarus’ specialists moreover recommend that their customers adopt a basic principle of first shifting all messages with more than 60 percent likelihood of being spam into quarantine.
The human insecurity factor: heightened vigilance essential
To safeguard themselves from the dangers of such fraud attempts, it is also absolutely essential that users have increased levels of vigilance and check the plausibility of messages more attentively. As with all scams the “human factor” still remains an important issue with spam fraud. This means that companies need to take steps to sensitize their staff about these kinds of attacks on a regular basis. In the best case, real-world examples should be used to heighten awareness and transparent, easy-to-follow guidelines should be provided for cases where suspicion arises.
The information contained in this press release constitutes neither an offer to sell nor the advertising of an offer to buy a futures contract, a security or an option.
Since 1992, Retarus has been supporting companies in achieving highly efficient communication. The global information logistics provider with 14 branches on four continents always plays an important role where large amounts of data need to be transmitted securely and reliably –– irrespective of which communication channels, interfaces, applications and devices are required. The services are soundly based on a Global Delivery Network which includes the company’s own data centres in Europe, the USA and the APAC region, as well as fully redundant carrier infrastructure. Half of all EURO STOXX 50 companies and about 20 percent of Dow Jones corporations rely on Retarus’ services. Longstanding customers include Adidas, Bayer, BNP Paribas, Continental, DHL, DZ BANK, Goldman Sachs, Honda, Osram, Puma, Sixt, T-Systems and Sony.