Anti-Phishing Blog


Monday, August 13, 2007

Pump and Dumps Can Work - Regrettably

Spam increased 445 percent for one day, according to Postini, a hosted e-mail filtering company. Monitoring volume beginning August 7th and ending the 9th, the company saw a huge increase, which is attributed to a pump and dump scheme. Pump and dumps were discussed in my prior blog entry.

This attack carried no virus. The goal seems to have been to drive up the stock value of the company mentioned in the PDF attachment, Prime Time Group. The scheme seems to have worked, as the value of Prime Time was up 60 percent on August 8th.

SophosLabs detected 500 million of these emails. One thing that was different was the size of the PDF file: this one was 10 pages long. This may have been an attempt to thwart spam filters that look for the traditionally smaller attachments spammers have been sending.

Consumer Reports' 2007 study "State of the Net" projects that in the last two years U.S. consumers lost $7 billion due to viruses, spyware and phishing schemes.


Friday, August 10, 2007

Are you seeing PDF Spam?

Is there a correlation between all the spam emails you've been seeing that say you have a greeting card from a "friend," "neighbor," "mate," or others, and the increase in other spam emails? Some think so.

Sophos, a security firm that monitors this, believes the increase is directly related. Spammers used to send text messages. Then filters were built to look for certain words, phrases, patterns or the frequency of use of certain words. The spam filters did their job. So the spammers started embedding pictures of their messages in the email, which got them past the word filters. Eventually some filters caught up to these methods, and the success rate at trashing the messages increased. So the spammers have moved on to attached PDF files. Many users receive valid PDF attachments, so blocking all of them could be detrimental to business.

Sophos believes there is a correlation between the increase in e-greeting card messages and the PDF (attachment) spam messages. Netizens read the email and go to a linked site for their bogus greeting card. There, they get infected with malicious software (malware) and are unaware they are now being used to help send all these spam messages.

So far, the attachment spam has not been infectious. It is a "pump and dump" maneuver to artificially inflate a stock's value. The companies are not the problem; it is the investors trying to make a profit on a sale. The Securities and Exchange Commission appears worried about stock spam. Last March, it suspended trading on 35 companies that had been promoted in email messages.

While the PDF attachments have not been found to be harmful, as with any attachment, if you are not expecting it, don't open it. And if you are not expecting an e-greeting or don't recognize the sender or the site, don't go there to open it. And as always, keep your virus definition files and firewalls on and up to date.