The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or messages promoting an “investment club” of fellow investors, some of which may be bots or fake accounts.
These promotions typically direct victims to secure messaging apps where the group operates. To appear credible, perpetrators may impersonate legitimate brokerage firms or well-known stock analysts. They secretly control a large volume of a low-priced stock and coordinate efforts to inflate its price (“ramp up”) by encouraging investment club members to purchase shares over a period of several weeks or months. Once the price is artificially elevated, the criminals sell off (“dump”) their shares at a profit, leaving unsuspecting investors with significant losses as the stock value collapses.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest news and insights delivered right to your inbox.
Related:
- IcedID Banker is Back, Adding Steganography, COVID-19 Theme
June 18, 2020
A new version of the IcedID banking trojan has debuted that notably embraces steganography – the practice of hiding code within images – in order to stealthily infect victims. It has also changed up its process for eavesdropping on victims’ web activity. Researchers at Juniper Threat Labs have uncovered an email spam campaign circulating in the ...
- US bank customers targeted in ongoing Qbot campaign
June 15, 2020
Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional ...
- City of Knoxville shuts down network after ransomware attack
June 11, 2020
The City of Knoxville, Tennessee, was forced to shut down its entire computer network following a ransomware attack that took place overnight and targeted the city’s offices. Knoxville has a population of over 180,000, it’s Tennessee’s third-largest city after Nashville and Memphis, and it’s also part of the Knoxville Metropolitan Statistical Area, with a reported population of almost 870,000 in 2015. Read ...
- Espionage Group Hits U.S. Utilities with Sophisticated Spy Tool
June 9, 2020
The APT known as TA410 has added a modular remote-access trojan (RAT) to its espionage arsenal, deployed against Windows targets in the United States’ utilities sector. According to researchers at Proofpoint, the RAT, called FlowCloud, can access installed applications and control the keyboard, mouse, screen, files, services and processes of an infected computer, with the ability ...
- U.S. Nuclear Contractor Hit with Maze Ransomware, Data Leaked
June 4, 2020
A U.S. military contractor involved in the maintenance of the country’s Minuteman III nuclear arsenal has been hit by the Maze ransomware, according to reports – with the hackers making off with reams of sensitive information. The company, Westech International, has a range of contracts with the military for everything from ongoing evaluation for the ballistic ...
- NIST to Digital Forensics Experts: Show Us What You Got
June 2, 2020
First large-scale “black box” study will test the accuracy of computer and mobile phone forensics. Digital forensics experts often extract data from computers and mobile phones that may contain evidence of a crime. Now, researchers at the National Institute of Standards and Technology (NIST) will conduct the first large-scale study to measure how well those experts ...