Spammers are using bogus MP3 files to lure people to partake in pump-and-dump stock scams, according to security companies.
Otherwise empty email messages carry MP3 files named after recording artists, such as Fergie, Carrie Underwood, even Elvis.
But the MP3s are recordings of a monotone voice telling recipients to buy stock in a little-known company, giving the stock ticker symbol and directing them to read about the company in the news. With pump-and-dump stock spam, spammers blast messages persuading people to buy a penny stock, then once the stock price goes up the spammers sells their shares at a profit.
According to Sophos, which reported this latest blast, the recorded voice is randomly altered so that spam filters can't detect it.
While acknowledging that the average Internet user isn't likely to fall for this trick and buy stock in the company, Sophos says companies should consider blocking - or at least quarantining - all inbound messages that have MP3 file attachments.
Pump-and-dump spam, which has represented some of the largest spam blasts this year, continues to thrive. Sophos said such spam accounts for roughly 25 percent of all spam, up from 0.8 percent in January 2005.