Last week saw the Internet’s biggest-ever spam surge in a single day, and also offered a lesson on why “pump and dump” stock-market spam campaigns have become so prevalent, according to Postini.The campaign was an example of the recent trend of junk e-mail using PDF attachments as a way of getting around spam filters. But Postini said the surge marked the biggest increase in spam it had ever recorded, boosting total spam volumes 445 percent in a one-day period at its peak on Thursday morning.Sophos Labs, which also detected the spam surge beginning on Tuesday, said it intercepted about 500 million PDF spams advertising shares in a particular target company.The massive size of the campaign is unusual, according to Sophos Labs Director Mark Harris. “To date, the trend has been for smaller campaigns that rapidly evolve and modify themselves to try to get round anti-spam products,” he said on the Sophos blog. The campaign had tailed off by Thursday but didn’t disappear—rather, it continued to mutate over the weekend, Sophos said.In the meantime, the campaign appeared to have another notable effect, in that the company targeted a small Florida-based firm called Prime Time Group involved in wireless and retail interests, and as of Thursday afternoon actually saw its share price rise 84 percent from its Monday value, before plummeting again. In response, Prime Time was forced to issue a statement avowing it had nothing to do with the campaign, and even ordered a Non Objecting Beneficial Owners list to track down investors who violated stock-market regulations during the course of the share price fluctuations.Harris said the spam’s effect on Prime Time’s share price shows how such campaigns play on human nature. He noted that many of those who buy into the stock advertised are not necessarily fooled by the campaign, but simply want to get in on the profits that might be generated by the “pump and dump” scam.“While recipients of this type of spam continue to try and profit on these ’tips’ stock, spam will continue,” Harris wrote.— Matthew Broersma, Techworld.com Related content news analysis LogoFAIL attack can inject malware in the firmware of many computers Researchers have shown how attackers can deliver malicious code into the UEFI of many PCs though BIOS splash screen graphics. By Lucian Constantin Dec 08, 2023 8 mins Malware Malware Cybercrime news Google expands minimum security guidelines for third-party vendors Google's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features. By John P. Mello Jr. Dec 08, 2023 4 mins Application Security Supply Chain news New CISO appointments 2023 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Dec 08, 2023 28 mins CSO and CISO CSO and CISO CSO and CISO news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe