Bloomberg reports that the FBI is stepping up its efforts to thwart a new Internet scam that combines online identity theft with old fashioned stock fraud. Crooks install keystroke-logging programs on computers in hotel business centers and Internet cafes. When investors use the public computers to check stock holdings or make a trade, their usernames and passwords are captured. Then, in a variation of the old pump-and-dump scheme, a member of the crime ring opens an online-trading account and buys shares of a low-price, thinly traded stock. They then access the investor’s account, empty it and use the money to buy more of the securities they already own. E*Trade spent $18 million in last year’s third quarter to reimburse customers whose accounts were pilfered. TD Ameritrade Holding said it spent $4 million.
IDG reports that more and more spammers are using encrypted attachments in order to evade filtering systems. Many spam filtering systems can’t scan inside e-mails containing encrypted or password-protected attachments. Without a rule to block such attachments, most systems will pass on the e-mail to recipients.