Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

What’s new: Cybercriminals are now targeting brokerage accounts using sophisticated phishing kits to execute a ‘ramp and dump’ scheme. This method involves manipulating stock prices by using multiple compromised accounts to buy large volumes of targeted stocks before selling them at inflated prices, leaving legitimate investors with significant losses. The FBI is investigating this trend, which has been linked to a Chinese-language phishing community selling advanced phishing tools on platforms like Telegram.

Who’s affected

Customers of major brokerage platforms are at risk, particularly those using services that rely on SMS-based multi-factor authentication. Firms like Schwab, Fidelity, and Vanguard are mentioned as potential targets due to their authentication methods being susceptible to phishing attacks.

What to do

• Implement stronger multi-factor authentication methods that are less susceptible to phishing, such as hardware security keys.
• Educate users about phishing tactics, especially those that spoof brokerage communications.
• Monitor accounts for unusual trading activity and report any suspicious behavior to the brokerage immediately.
• Encourage users to verify the authenticity of communications before clicking on links or providing sensitive information.

Sources

• Krebs on Security