Money market mayhem sees return of pump-and-dump scams

Symantec highlights rise in spam designed to tempt twitchy traders with too-good-to-be true tips

Pump-and-dump scams are making a comeback in the wake of turmoil on the financial markets as spammers try to tempt traders to make up losses with high-risk investments.

In a pump-and-dump stock scam, spammers promote certain stocks in order to inflate the price as much as possible so that they may then be sold before their valuation crashes back to reality. The spam for these scams tries to convince the prospective mark that the penny stock is actually worth more than its valuation, or that it will soon skyrocket.

"Scammers can make substantial profits in a matter of days with a well-executed pump-and-dump spam," said Paul Wood, senior intelligence analyst, Symantec.cloud. "In the current turbulent environment many people may be convinced to invest in stocks that the scammers claim will benefit from the market turbulence."

A successful pump-and-dump spam campaign will artificially drive up the price of the stock to a point where the scammers decide to sell their shares. This usually coincides with them ending the spam campaign, which in turn reduces the interest in the stock, helping to drive its valuation back to the original low price.

Symantec's intelligence report for August also revealed an increase in master boot record (MBR) malware, which infects the first sector of a hard drive used to boot up a computer. There were as many new MBR malware threats in the first seven months of 2011 as there were in the previous three years.

"MBR infections offer great scope for deep infection and control of computers, which makes the idea attractive to malware creators," Wood said. "Contemporary MBR infection methods are a fairly complex affair usually executed by highly skilled individuals."

Global spam levels decreased in August compared to the previous month, but phishing activity increased. The UK became the second most targeted country, with one in 79.5 emails identified as phishing attacks.