Recent change in Stock-Spam Tactics (PDF and excel)
Published: 2007-07-22,Last Updated: 2007-07-22 19:14:00 UTCby Kevin Liston (Version: 1)
....This morning I did a bit of comparison with symbols identified in the few PDF files that I had left in my mailbox. Looking at this small sample it seems that these schemes are just as effective in manipulating the stock price as text-only and image-based spam messages.
The consequence of this is that there exists a large population of people with a fair amount of assets in the stock market that willingly open up unsolicited PDF files. This makes for a concerning scenario when a arbitrary-code-execution vulnerability is identified in popular PDF readers.
A reader submitted a report that they were receiving a large number of spam messages consisting of an Excel file. Examination of this file showed that it contained a Pump and Dump message. This could serve as an indicator of another shift if tactics. The VERY interesting part is that the formatting of this Excel file is extremely similar to the first PDF version reported by Maarten. This group appears to target German stock market. I look forward to US penny-stock schemes to employ this technique shortly. I'm similarly concerned about the number of people who will open unsolicited Excel files too.
No comments:
Post a Comment