An alleged stock tip Retarus warns courses before massive stock spam campaign

in electronic mailboxes currently millions of times. As the security provider, Retarus now warns, the currently spam-wave spreads out over a botnet with more than 400,000 computers. Retarus filters according to own data, currently more than 9 million of the mail from mailboxes.

advertise the scammers in the cover letter with a supposed stock tip. You intend to move Management Inc. the quest their victims to the purchase of shares in the Latvian company spam message. With such ‘tips’ the cybercriminals in, drive the value of the share in the short term. In this way, you benefit from the gains. About put options, they bet but also on a rapid slump of the course, which occurs as expected after the end of the spam campaign.
 Retarus warns of a current spam campaign, in which encrypted the penny-stock of Management Inc., a Latvian company, quest will be advertised. The authors constantly changing the text of the message and so outsmart spam filters. (Image: Retarus) Retarus warns of a current spam campaign, in which encrypted the penny-stock by Management Inc., a Latvian company, quest will be advertised. The authors constantly changing the text of the message and so outsmart spam filters. (Image: Retarus)

a corresponding approach could already observe in March

Retarus. This, the paper of InCaptcha Inc. was pushed up in a period four days about spam messages. Following the course but again fell on the low level before the campaign. For such price manipulation, the scammers use mostly so-called Penny Stocks, so shares with a market value of just a few cents.

this approach of cybercriminals basically is not new. As the security provider is however explained to the wave of spam originated in a large botnet with estimated around 400,000 machines have. The spammers, proceed very carefully. The hijacked systems send not more than 50 mails per minute. The security administrators of affected systems get so little from these actions.

the author of the mail provide constantly new textual variants in the spam mail. Initially, the company name still had been named yet complete. In newer versions, however, just the value of paper ID “QSMG” show up in the verklausulierter form. Also, the purchase of the “shares insider tips” will times established times with a pending acquisition, with an alleged research breakthrough in cancer research. Many spam filters can trick themselves so at least for a short time, because these usually only looking for certain keywords in the news.

messages that have more than 60 percent probability, should be moved first according to the experts of Retarus in the quarantine. Even if such mails through the filters slip through, the staff remain the biggest uncertainty factor. Companies should raise awareness so the employees and define clear processes also for suspected cases.

before a few weeks was also abused the BSI for a spam campaign. in February, the Federal Office for security in information technology (BSI) had warned against spam mails with the logo of the authority . With the E-mail, the sender urge the recipient to install a software in the annex. They justify this request that BSI and the Alliance for cyber security must be checked, whether the computer of the user as suspected was part of a phishing attack against the Federal Government. But instead, a malicious software installed on the computer of the fake users. 

the BSI has published also advice on dealing with spam . Therefore, users as a main rule should check messages on the basis of three points. Is the shipper known? Are subject and text make sense? Expected an appendix?

WEBINAR

what next – BB´s storage & co: the enterprise cloud!

get to know the building blocks of enterprise cloud platform in this audio Webinar. Learn how to achieve maximum freedom and flexibility for your applications. More outcome achieved with less input – specific application examples. [Update: the webinar has already occurred.] Register now and look at the record.

[withmaterialfromMartinSchindler silicon.de ]

Be the first to comment

Leave a Reply