Company dismisses any involvement in the campaign

Oct 16, 2014 12:55 GMT  ·  By

Spam designed to increase the stock value of a company in Canada has been spread in huge amounts in the past week, leading to a significant increase in the transaction volume.

The company trades at low prices per share, also known as penny stocks. According to the US Securities and Exchange Commission (SEC), these are companies trading below $5 / €4 per share and they are not listed on major exchanges.

Largest spam attack of the year

The Antispam division of Bitdefender, which dubbed the campaign “Wolf of Wall Street,” informs that the penny stock spam wave started to grow a week ago, with more than three million samples being distributed through networks of compromised computers (botnets) in the US, Spain, India, Australia, France, Germany, the UK, Romania, and South Korea.

On Thursday last week, the transaction volume recorded by the company was more than 1,620,000 shares, compared to 10,000 registered three days earlier.

According to the antivirus vendor, this is the largest spam attack recorded in 2014, and judging by its effect, it achieved its mission.

“These are today’s most vicious wolves of Wall Street. They no longer call potential investors to inflate stock values, but use a faster approach – email spam replicated in millions of samples,” senior antispam researcher Adrian Miron said in a blog post for Bitdefender.

Emails are well conceived to entrap the gullible

It appears that the individuals behind this spam campaign tried their best to make the information in the email as credible as possible. To this goal, they included legitimate links of websites providing stock exchange information (Yahoo Finance, Market Watch), as well as for Nasdaq.

Apart from this, the social engineering skills the crooks displayed in the creation of the message are remarkable, as they offer just enough information to make the recipient access the provided link and possibly buy some stock.

Moreover, the subject line in some of the analyzed samples imply that the message reached the victim by mistake, making the lure even more appealing. Some of them read “Do you still want this” and “Are you ready for this?”

How do cybercriminals profit?

The scheme is quite simple, and generally it does not involve the company whose shares are promoted.

After acquiring penny stock, the crooks artificially increase the stock value through spam and then they sell the stock when the price increases sufficiently. In this case, the company is Confederation Minerals Ltd. (CNRMF) and its activity consists in extracting mineral deposits in North America.

In a press release that coincides with its stock trading boost recorded on October 9, the company said that it was not involved in any way with “the recent promotional emails being circulated by The Street Inc.” and that it had no relationship with that entity.

The Street Inc. is the name of the sender of the spam email, according to a post from Conrad Longmore at Dynamoo’s Blog, who also caught several samples of this penny stock spam campaign, and provides an income statement for the company.