Cybercriminals are shifting from traditional phishing to sophisticated "ramp-and-dump" schemes targeting brokerage accounts, exploiting gaps in multi-factor authentication, researchers say, according to Krebs on Security.
Unlike classic pump-and-dump scams, these fraudsters use compromised accounts to inflate the price of foreign or penny stocks before selling shares, leaving unsuspecting investors with losses. "In this variation, the price manipulation is primarily the result of controlled trading activity conducted by the bad actors," notes the Financial Industry Regulatory Authority. Security researcher Ford Merrill highlighted that these phishing groups, often coordinated via Chinese-language Telegram communities, leverage mobile phishing kits to harvest login credentials and one-time codes, prepositioning victim accounts for stock manipulation. Earlier phishing attacks targeted banks using SMS-based mobile wallet enrollments. Merrill said, "They can buy shares in their personal account on the Chinese exchanges, and the price happens to go up. The Chinese or Hong Kong brokerages arent going to see anything funky." Firms like Schwab, Fidelity, and Vanguard are enhancing MFA options, yet vulnerabilities persist, making brokerage customers the latest high-value targets.
Unlike classic pump-and-dump scams, these fraudsters use compromised accounts to inflate the price of foreign or penny stocks before selling shares, leaving unsuspecting investors with losses. "In this variation, the price manipulation is primarily the result of controlled trading activity conducted by the bad actors," notes the Financial Industry Regulatory Authority. Security researcher Ford Merrill highlighted that these phishing groups, often coordinated via Chinese-language Telegram communities, leverage mobile phishing kits to harvest login credentials and one-time codes, prepositioning victim accounts for stock manipulation. Earlier phishing attacks targeted banks using SMS-based mobile wallet enrollments. Merrill said, "They can buy shares in their personal account on the Chinese exchanges, and the price happens to go up. The Chinese or Hong Kong brokerages arent going to see anything funky." Firms like Schwab, Fidelity, and Vanguard are enhancing MFA options, yet vulnerabilities persist, making brokerage customers the latest high-value targets.
