Just as they sound, pump-and-dump stocks are promoted (pumped) by their owners in order to inflate the price of the stocks as much as possible so that they may then be sold (dumped) before their valuation crashes back to reality. The spam for these scams tries to convince the prospective mark that the penny stock is actually worth more than its valuation, or that it will soon skyrocket. Most of these claims are either misleading or false.
In a successful campaign, the deluge of spam will help artificially drive up the price of the stock to a point where the scammers decide to sell their shares. This usually coincides with them ending the spam campaign, which in turn reduces the interest in the stock, helping to drive its valuation back to its original low price (which can also be exploited in the market). A well-executed pump-and-dump spam campaign can produce substantial profits for the scammers in a matter of days.
With the world still reeling from the recession, the stock markets are now in turmoil from the increasingly global credit crises and the specter of a “double dip” recession (whereby the economy is expected to again tank after a brief rally). In such a volatile environment, many people may be convinced to invest in stocks that the scammers claim will benefit from the market turbulence.
For example, we have recently observed a spate of penny stock spam promoting Resource Exchange of America Corp. (RXAC.PK) stocks. The message is obfuscated with extraneous line breaks and spaces between the words. Similarly, the email headers contain broken words such as “Stoc ks” and “m oney”. Poorly translated non sequiturs occur throughout the messages (e.g., “United States still an AAA country, Obama says?!”).
Most of the spam is originating from the United States and China, while a percentage is being generated from other countries in Asia. The majority of the attacks target North American users.
Examples of the subject lines of these messages include:
- Stoc ks Ready to Bounce?
- There is a MASSIVE PROMOTION underway NOW!
- Been right on the m oney
Whenever possible, Symantec is blocking these pump-and-dump messages and will continue monitoring this trend to keep our readers updated.