Pump and Dump

No, not something you’d see in a final four game but a method of stock price manipulation.

Two Texas men pleaded guilty last month to running a Pump & Dump scam with the help of a Russian hacker and face a maximum penalty of five years and a $250,000 fine.

The goal of the scam is to purchase a stock, usually a penny stock, at a low price, then by various means, falsely convince people of the value of the stock (the Pump). After the price has gone up, sell the shares at a profit (the Dump).

Cyber-criminals are always looking for ways to monetize compromised computers and because P&D provides just such an opportunity, internet thugs are using two methods of running this scam. The first is simply hire a botnet and have it spew out a large amount of spam extolling the virtues of whatever stock they are trying to “Pump”.

The second method is to compromise a computer with brokerage trading capabilities and heavily trade the stock in their account. After the stock price is bid up, the criminal dumps the shares and the compromised account is left owning the now much deflated stock.

How do you protect yourself from this?

1) Don’t trade off stock tips you receive in unsolicited emails, no matter how good they sound.

2) Protect computers with access to brokerage accounts in the same manner you would one used for on-line banking.

Advertisements

About securitysnapshot

Security Snapshot LLC is a computer and information security company helping concerned business owners protect their reputation and their client's private and personal information.
This entry was posted in Scams. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s