14 DAY TRIAL // Sophos has issued a public warning concerning the modus operandi of a new breed of pump-and-dump stock spam campaign that integrates an animated graphic designed to deliver a subliminal message. In this context, Sophos was warned that the animated GIF graphics circumvent spam filters as the message are specially crafted to avoid detection. One example is the spam campaign structured around the Trimax Corporation.
"Animated graphics are being used in image spam campaigns to try and weave past filters which may be attempting optical character recognition to decipher the messages that spammers send," said Graham Cluley, senior technology consultant at Sophos. "This message tries to be subliminal, but it is questionable whether it would successfully subconsciously influence armchair investors into buying more stock. Advanced anti-spam solutions, like those produced by Sophos, are capable of protecting against spam which uses these tricks."
The GIF animation present a few details related to Trimax, recommending a strong buy of the company's stock. Additionally, at 15 seconds intervals, the graphics shift and the "Buy!" message flashes on the screen. Pump-and-dump stock campaigns are designed to artificially increase a company's share value by convincing investors to buy via a social engineering scheme. The inflated stock is then dropped for a profit.
"We have seen image spam being used around the world - not just in English, but languages such as Russian and Italian too," continued Cluley. "It's likely that more and more spam will use the technique to try and get past gateway filters, and computer users should ensure their mailstreams are defended by products which can effectively combat it."