Spam Likely to Hit TD Ameritrade Victims

Sophos is warning the TD Ameritrade's customers to be on red alert against targeted spam emails

Dark Reading Staff, Dark Reading

September 17, 2007

2 Min Read

BOSTON -- With international online broker firm, TD Ameritrade, last week admitting that hackers had gained access to its database of 6.3 million customer email addresses, IT security and control firm, Sophos, is warning the firm's customers to be on red alert against targeted spam emails.

Sophos has already gained proof that hackers are trying to exploit these stolen addresses for commercial gain, with its worldwide network of spam traps blocking a phishing campaign, in which cybercriminals try to coax recipients to a spoof TD Ameritrade site in an attempt to capture user IDs and passwords. A graphic of this phishing email can be found at

TD Ameritrade, which was forced to disclose this data breach under U.S. state law, has assured customers that their username IDs, personal identification numbers, passwords, date of birth details and Social Security Numbers were not accessed by the hackers, but it has apologized for the unwanted spam that the capture of these millions of email addresses is likely to generate. However, Sophos points out that the disclosure of email addresses alone can be used to exploit internet users out of their hard earned cash.

"Hackers are now in possession of 6.3 million email addresses for people that they know are interested in trading shares. This knowledge alone could spur the creation of highly targeted spam emails, such as 'pump and dump' campaigns, which offer bogus share tips to artificially boost stock prices. We've already spotted 'spear-phishing' campaigns where criminals send emails posing as TD Ameritrade in order to extract additional personal information," said Graham Cluley, senior technology consultant, Sophos. "TD Ameritrade customers globally should be extra vigilant when responding to emails that appear to come from the company and should immediately check to ensure that their accounts haven't been fiddled with. They should also change their passwords and run an anti-virus check to make sure their own computers haven't been compromised."

Sophos plc

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights