Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

What’s new: Cybercriminals are increasingly targeting brokerage accounts using sophisticated phishing kits to execute a ‘ramp and dump’ scheme. This method involves manipulating stock prices by using multiple compromised accounts to buy shares and then selling them after inflating the price, resulting in significant losses for unsuspecting investors.

Who’s affected

Customers of major brokerage platforms, particularly those using SMS-based multi-factor authentication, are at risk. The phishing attacks exploit vulnerabilities in how these platforms handle authentication, allowing fraudsters to gain access to accounts and manipulate stock prices.

What to do

• Implement stronger multi-factor authentication methods that are less susceptible to phishing, such as hardware security keys.
• Educate users about phishing tactics and the importance of verifying communication from brokerage firms.
• Monitor accounts for unusual activity and report any suspicious transactions immediately.
• Encourage the use of mobile apps for authentication rather than SMS-based methods.

Sources

• Krebs on Security