Mobile Phishers Target Brokerage Customers in ‘Ramp and Dump’ Cashout Scheme

Cybercriminal groups specializing in advanced mobile phishing kits have evolved their operations beyond stealing payment card data for mobile wallet enrollment, now pivoting to exploit brokerage accounts in sophisticated ‘ramp and dump’ schemes.

This shift, as detailed in recent research by security experts, leverages compromised user credentials to manipulate foreign stock prices, circumventing traditional security controls that prevent direct fund transfers.

Unlike conventional pump-and-dump frauds that rely on social media hype to inflate penny stock values, ramp-and-dump operations use coordinated trading across multiple hijacked accounts to artificially drive up share prices without external promotion.

Evolution of Phishing Tactics

According to Krebson Security, once the targeted stock reaches a predetermined threshold, perpetrators sell off holdings, leaving legitimate investors with devalued assets and substantial losses.

The Financial Industry Regulatory Authority (FINRA) has issued advisories highlighting how this manipulation stems from controlled trading by malicious actors, resulting in catastrophic share price collapses that ...