Stock spam seems to be growing no end. Most recently, stock spam came in such elaborate formats as PDF, XLS, FDF, and even highly obfuscated text that meant to make spam filters’ jobs harder. This shows that spammers are putting much effort in packaging their messages to see which ones work best. This time, however, they seem to be going back to basics with new samples of stock spam such as this:
The spammed email message contains only a link that points to a Yahoo! Finance page where stock information about a certain mobile solutions company is displayed.
With Yahoo name involved, spammers are clearly aiming to add more credence to the stock. Notably, the said page IS legitimate, according to Maria Estella Manly, a TrendLabs Antispam Research Engineer.
What users need to know, however, is that Yahoo! is not in the habit of sending out stock notices to promote certain companies that may or may not be willing subjects of spam campaigns. Manly adds that there are no indications that either the link or the site contains malware, but rather just part of another pump-and-dump scam.
So unwitting users who may have already clicked on the said link and were led to the site are not in actual danger of getting their machines infected, but they may be victimized nonetheless when they put their money into the company in question, in the belief that buying shares will prove profitable. Users need, as always, to exercise caution when dealing with financial matters, especially when conducted online. Perhaps they also need to remember that looks can be deceiving. Even if stock spam has started looking less cluttered, it still poses a risk that is no less simple.