The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or messages promoting an “investment club” of fellow investors, some of which may be bots or fake accounts.
These promotions typically direct victims to secure messaging apps where the group operates. To appear credible, perpetrators may impersonate legitimate brokerage firms or well-known stock analysts. They secretly control a large volume of a low-priced stock and coordinate efforts to inflate its price (“ramp up”) by encouraging investment club members to purchase shares over a period of several weeks or months. Once the price is artificially elevated, the criminals sell off (“dump”) their shares at a profit, leaving unsuspecting investors with significant losses as the stock value collapses.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest news and insights delivered right to your inbox.
Related:
- #StopRansomware: MedusaLocker
June 30, 2022
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN) are releasing this CSA to provide information on MedusaLocker ransomware. Observed as recently as May 2022, MedusaLocker actors predominantly rely on vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks. ...
- FCC Commissioner urges Google and Apple to ban TikTok
June 29, 2022
“TikTok is not just another video app. That’s the sheep’s clothing.” That’s what Brendan Carr wrote in his tweet along with a copy of the letter he sent Apple and Google, asking the companies to remove TikTok from their app stores. The agency’s senior Republican commissioner references a recent BuzzFeed News report that examined leaked ...
- 1.5 million customers impacted by Flagstar Bank data breach
June 21, 2022
Flagstar Bank has disclosed a security incident that led to the exposure of personal data belonging to up to 1.5 million customers. As reported by Bleeping Computer, the data breach occurred between December 3 and December 4, 2021. The US financial organization is headquartered in Michigan and operates over 150 branches in areas including Indiana, California, Wisconsin, ...
- Microsoft 365 credentials targeted in new fake voicemail campaign
June 20, 2022
A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. The operation is ongoing and the threat actor behind it uses fake voicemail notifications to lure victims into opening a malicious HTML attachment. According to researchers at cloud ...
- International operation takes down Russian RSOCKS botnet
June 17, 2022
A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe. The RSOCKS botnet functioned as an IP proxy service, but instead of ...
- FDNY seeks firewall to stop doxxing, hacking of rescue workers’ personal data
June 12, 2022
The FDNY is seeking to build a digital firewall to protect the Big Apple’s thousands of rescue workers from cyberattacks, including “doxxing,” The Post has learned. The department recently put out a call in the City Record for consultant services “for the development and implementation of protective strategies to address the cyber threat of doxxing and ...