Phishing activity and new boot time malware (MBR) threats reported an increase
More spammers are seeking to benefit from fluctuations in the turbulent financial markets, by sending large volumes of spam relating to certain pink sheets stocks in an attempt to raise the value of these stocks before dumping them at a profit, according to the August 2011 Intelligence Report by Symantec.
In a pump-and-dump stock scam, spammers promote certain stocks in order to inflate the price so that they may then be sold before their valuation crashes back to reality.
The report reveals that spam for these scams tries to convince the prospective mark that the penny stock is actually worth more than its valuation, or that it will soon skyrocket, though most of these claims are either misleading or false.
Symantec said this usually coincides with them ending the spam campaign, which in turn reduces the interest in the stock, helping to drive its valuation back to the original low price.
Further analysis also revealed that there were as many new boot time malware (MBR) threats in the first seven months of 2011 as there were in the previous three years.
An MBR is an area of the hard disk used by a computer to perform start up operations, and is one of the first things to be read and executed by the computer hardware when a computer is powered on, even before the operating system itself.
Analysis also reveals that while global spam levels were lower in August compared to the previous month, phishing activity increased in August, with many increases coming from attacks related to major brand names such as those related to Apple’s iDisk service and a variety of Brazilian companies and services, including social networking and financial brand names.
In August 2011, the global ratio of spam in email traffic declined to 75.9% compared with July 2011, and phishing email activity in August increased by 0.01 percentage points since July 2011.
The global ratio of email-borne viruses in email traffic in August saw an increase of 0.14 percentage points since July 2011.
In August, Symantec Intelligence identified an average of 3,441 Web sites each day harboring malware and other potentially unwanted programmes including spyware and adware, though a decrease of 49.4% since July 2011.
The most frequently blocked malware for the last month was W32.Ramnit!html, which is a generic detection for .HTML files infected by W32.Ramnit, a worm that spreads through removable drives and by infecting executable files.