Big pump and dump stock scam flooding email inboxes again
June 23, 2014
Unless you're one of the people who hasn't opened their email inbox lately, or you subscribe to a spam filtering service, you are probably well aware that there is an ongoing penny stock pump and dump scam flooding email inboxes.
This particular spam run is pumping a little known stagnant stock trading as RNBI. This scam has been happening for most of the last week and continues as of this writing. It has already been covered by Dynamoo's blog and several other spam fighters. This stock was discredited shortly after its initial pump campaign, about a month ago. It is in effect, a shell company. The big players already own all the stock and are trying to pump it up then sell out at a profit, leaving Internet investors (the marks) as big losers.
The pump and dump spam emails often forge the name of well known stock trading companies and communities, like "Investors Hub." Today, they were using the "From" name: Money Runners. Tomorrow it will be some other forgery. Also, I have found that the messages including clickable links were all to non-existent domains. A scam all the way through!
At first, the spam emails mentioned the stock by its trading symbol. This only lasted about a half day. The next wave shifted the stock symbol to the "alt" attribute of an embedded image, in the html version of the body text. That persists today in some of the messages I captured. Basically, these scams are image spam, but containing gigantic paragraphs of nonsense sentences having nothing to do with stocks. Most of this junk text is buried behind a green or other colored background, below the actual spam image, which contains grandiose wording and the pumped stock symbol.
Today, I saw a brand new tactic used by the spammers to try to evade detection (it didn't work on me guys). Some of the spam emails are now using attached virtual business card files to carry the scam message. To avoid seeing the come-on, don't click on the link to open the attachment card. Avoid getting involved with pump and dump scams, unless you are prepared to part with most or all of the money you invest in them.
As always, I have been on this scam since I first saw it, updating my spam filters for MailWasher Pro users. I will continue to update my filters to fight this scam until it runs its course and disappears like they always do (when the perps cash out). If you don't use MailWasher Pro to filter out spam, and you use a desktop "POP3" or "IMAP" email client (program other than a browser), and you only have rudimentary spam filter rules provided by the email client, MailWasher Pro will be of use to you. There are both desktop and mobile versions available.
If you don't or can't use MailWasher Pro, perhaps because you only do email via http using your web browser, you may still gain useful insight by examining my spam filters. Using my spam filter conditions as an example, you may be able to cobble together some spam filters on your own, applicable to your email provider's user options.