How lucrative is pump-and-dump spam?

Summary: Are pump-and-dump spammers really making money from hyping penny stocks in e-mails? Paul Moriarty has the answer and it's an eyebrow-raising sight.

Over the last month, Moriarty, director of product development for Internet Content Security at Trend Micro, has been running a virtual portfolio of selling short on stocks found during spam runs. After 22 transactions in a five-week period, he has earned a whopping $25,610.

Short selling (shorting) a stock is the act of profiting from a stock price going down. A short seller will typically borrow a security and sell it, expecting that it will decrease in value so that they can buy it back at a lower price and keep the difference.

During Moriarty's research, he used data from pump-and-dump e-mails flooding into Trend Micro's spam honeypots. "As soon as I see activity on a particular stock, I'll short that and set a limit to cover after I've made 10%. In just over five weeks, I've turned a 25.6 percent profit on a $100,000 virtual portfolio. This is exactly what these spammers are doing. It's risky business but it's easy money," Moriarty said in an interview.

"I made money on every transaction," he added.

On the other hand, had he fallen victim to the "hot stock" e-mail tips, bought the stocks and held them, Moriarty's portfolio would have been down 27.6 percent.

[Figure: Pump and dump (shorting) chart]

Moriarty shared his research with me after the SEC's announcement yesterday that it had suspended trading in 35 companies whose shares were promoted in spam e-mails. (See more from Larry Dignan)

Although the SEC move is to be applauded, Moriarty sees it as a double-edged sword that creates an even bigger problem.

"Pretty soon, you'll start seeing extortion schemes. The spammers will simply call up a company and demand money on the threat of a pump-and-dump spam run. Think about it, a spammer now has the power to control which stocks are suspended by the SEC," Moriarty warned.

"Pretend I'm a bad guy and you're the CEO of XYZ company. I can call you up and say, 'Hey, wire $50,000 to my eGold account or I'll run a pump-and-dump scheme to halt trading on your stock.' This is the next step," he added.

Botnet operators controlling billions of zombie machines commonly use extortion tactics against online gambling sites and other companies, threatening to launch crippling denial-of-service attacks if ransom demands aren't met. In Moriarty's mind, denying a company the ability to trade on the stock market isn't any different.

"I'll bet you a dollar to a donut that we'll see pump-and-dump extortion schemes, playing on the SEC move. They have the power to use spam to halt stock trading. They already have access to the botnet to do it so it's free and easy to them."

Talkback

  • Maybe go after the Zombies

    If your computer is Zombied, it can be tracked down, and your ISP absolutely blocks your computer until it is "fixed". For Zombied machines elsewhere in the world, could not the world's backbone apply the same filtering? Become a Zombie, get your traffic blocked. It takes a lot of effort to begin with, but I have personally tracked 30-40 zombied machines, contacted the ISPs and in about 1/2 the cases (1/2 the time they could give a crap, it costs money to do something), they take the machine offline.

    If you eliminate the tools of the trade, the problem goes away.

    TripleII
    • Better

      Since MS-WINDOZE is the one weak link in the whole system, we should just eliminate it and solve the problem. The MicroShaft zealots will wail and gnash their teeth but even they can't dispute the fact that EVERY ONE of those spambots is an MS-WINDOZE klone.
      ------------------
      Nobody expects the Spanish Inquisition!!
      Imaginos1892
      • That's just stupid.

        If you don't use Windows then you should be thankful that Windows exists. If it didn't, then all of the spam, viruses, zombie-bots, etc. would be aimed at whatever system was dominant - Linux, Mac, whatever.
        Beat a Dead Horse
        • Deja Moo again

          We've seen this bull#### before too. There are currently over 120,000 viruses, trojans, spybots, adware and other assorted nasties circulating in the MS-WINDOZE ecosystem. As of today, Linux and MacOS X have....exactly....ZERO. Not one single virus has managed to infest a Linux or MacOS X system and spread itself to another one. There are over a hundred demonstrated ways to turn MS-WINDOZE into a spambot. So far there is NO known way to do the same thing to Linux or MacOS X. However many bits of malware may be "aimed" at 'em, so far, thar ain't no target to hit.
          -----------------------
          Bailiff! WHACK his pee-pee!!
          Imaginos1892
          • Patently false.

            "There are currently over 120,000 viruses, trojans, spybots, adware and other assorted nasties circulating in the MS-WINDOZE ecosystem. As of today, Linux and MacOS X have....exactly....ZERO. Not one single virus has managed to infest a Linux or MacOS X system and spread itself to another one."

            That is simply untrue. After a 30 second search, I found:

            http://www.linux.org/news/2006/04/10/0003.html
            http://antivirus.about.com/od/macintoshresource/Macintosh_Viruses_and_Mac_Virus_Resources.htm
            lutherlarry
  • RE: How lucrative is pump-and-dump spam?

    It's now three years later, and I wonder what happened to the pump-and-dump spam schemes. I used to get lots of that kind of spam, now it seems to have all shifted to Viagra, Cialis and other ED medications from shady on-line pharmacies. One of my accounts is about 33% junk mail of this type, 67% real email.
    Tony R.
    • Now the perps are doing it via mobile spam

      I just received 3 text messages to my cell phone in the last 3 days pushing FLMG. They come from AIM and tell you to visit a site at weebly.com

      I had to disable SMS messages that do not originate from a cell phone number.
      Bean Fuzz