The FBI warns the public about criminals targeting US stock investors through social media platforms and messaging service applications (apps). The scheme, known as a “ramp-and-dump” stock manipulation, targets US investors through online engagement, often via social media advertisements or messages promoting an “investment club” of fellow investors, some of which may be bots or fake accounts.
These promotions typically direct victims to secure messaging apps where the group operates. To appear credible, perpetrators may impersonate legitimate brokerage firms or well-known stock analysts. They secretly control a large volume of a low-priced stock and coordinate efforts to inflate its price (“ramp up”) by encouraging investment club members to purchase shares over a period of several weeks or months. Once the price is artificially elevated, the criminals sell off (“dump”) their shares at a profit, leaving unsuspecting investors with significant losses as the stock value collapses.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for the Cyber Security Review Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Hacker accessed PowerSchool’s network months before massive December breach
March 10, 2025
A hacker compromised the U.S. edtech giant PowerSchool months before its ‘massive’ data breach in December, according to a now-published forensic report into the incident conducted by U.S. cybersecurity firm CrowdStrike. In a letter sent to affected customers last week, seen by TechCrunch, PowerSchool confirmed that an investigation into the incident has revealed that its network ...
- Elon Musk’s X hit by waves of outages in what he claims is ‘a massive cyberattack’
March 10, 2025
Elon Musk’s X has been hit by three waves of outages since this morning, which the billionaire claims was due to a cyberattack. According to outage tracking site DownDetector, the problems began around 6 am ET when up to 20,538 users reported problems. The issues temporarily died down before nearly 40,000 users reported outages at 10 ...
- Allstate sued for not reporting data breach of 165,000 New Yorkers
March 10, 2025
New York state sued Allstate on Monday, accusing the insurer’s National General unit of failing to report a data breach that exposed drivers’ license numbers, and not developing reasonable safeguards to protect policyholders’ private information. The lawsuit by New York Attorney General Letitia James was filed in a state court in Manhattan, and seeks civil fines. ...
- European Commission defends EU digital markets rules in the face of US attacks
March 7, 2025
Vice-Presidents Teresa Ribera and Henna Virkkunen have insisted that the EU’s Digital Markets Act (DMA) does not target US companies and applies agnostically to digital platforms designated under its rules as “gatekeepers”, in a letter responding to questions from the US Congress seen by Euronews. “The criteria for gatekeeper designation are based on objectively identified and ...
- Russian crypto exchange Garantex seized by law enforcement operation
March 6, 2025
The U.S. Secret Service, working with a coalition of international law enforcement agencies, has taken down and seized the website of Garantex, a Russian cryptocurrency exchange accused of being associated with darknet markets and ransomware hackers. On Thursday, the official Garantex website was replaced with a notice saying the exchange’s domain has been seized by the ...
- Hacked health firm HCRG demanded journalist ‘take down’ data breach reporting, citing UK court order
March 6, 2025
A U.S.-based independent cybersecurity journalist has declined to comply with a U.K. court-ordered injunction that was sought following their reporting on a recent cyberattack at U.K. private healthcare giant HCRG. Law firm Pinsent Masons, which served the February 28 court order on behalf of HCRG, demanded that DataBreaches.net “take down” two articles that referenced the ransomware ...