The Securities and Exchange Commission said that its actions to freeze proceeds from a suspected high-tech pump-and-dump stock scheme and its suspension of stock trading on 35 companies touted in spam are two unrelated incidents.
Others beg to differ.
Dimitri Alperovitch, principal research scientist at Secure Computing, described such spamming and pump-and-dump schemes as part of the same unified spam economy.
Profits from that economy start at botnets or zombie PCs, which are rented out to spammers. Spam goes out touting the value of a chosen company. Excited victims buy into the scheme and buy up stocks in the touted companies. The spammer within a few days sells the stock, pocketing a tidy profit, leaving victims with stocks that are virtually worthless.
“A lot of these guys we believe are renting botnets from spammers distributing Viagra and other types of spam,” Alperovitch said in an interview with eWEEK. “A lot [of the botnet controllers] may be getting paid in … the stock of the company theyre trying to promote. They can use the increased price of the stocks to sell it off and make their profit that way.”
With the ill-gotten profit, he said, the spammers/pump-and-dumpers then buy stock in another company whose value they will tout, and the cycle begins anew.
Helene T. Glotzer, associate director of the SECs Northeast Regional Office, told eWEEK that the SEC has been grappling with how to deal with spam e-mail for some time now. Although the Commission has taken action in the past, she said, this is the first time its tried to do so on a widespread basis.
“We thought it would be a good way to get messages out to investors based on that they should never invest based on spam,” she said.
This is the way the boiler room operators have come to operate, replacing the phone calls they used to make 20 years ago to generate interest, Glotzer said. Within a space of time of the spam e-mail being sent out, theres a spike in price. After a few days, the stock pumpers dump their stock and leave investors with “just about worthless stocks.”
The SEC “will continue to monitor spam and issue trading suspensions whenever we find inappropriate,” she said. “Were also invested in investigating companies and entities and individuals profiting from these spam: Is there any role the company itself was playing, or was it a victim of a spam campaign?” she said.
It relies on working with regulatory companies, she said, and looking at trading price spikes.
The SEC has found that many of the 35 companies suspended last week had been involved in numerous spam campaigns over the last few years. The common scene is these companies trade on pink sheets, she said.
“These companies dont have to file financial statements with the SEC, brokers dont have to do due diligence before theyre allowed to solicit investments for them.”
Spam Well over 90
Percent of all E-Mail”>
That makes it harder to find information, but theres still a lot of public information out regarding recent names theyve gone by.
You have to use common scene with these companies that trade on pink sheets, she said. “The problem is, investors have a bit more of a challenge in doing their homework before they invest. One company is involved in developing software to combat spam, ironically enough.”
Secure Computing estimates that 30 percent of all spam is stock spam at this point, and spam itself makes up “well over 90 percent of all e-mail,” Aperovitch said in a conversation with eWEEK. That is up from over 70 percent a year ago.
“Weve known the SEC was looking at this for quite some time, actually,” he told eWEEK. “The companies theyve actually temporarily suspended are some of the ones that have been involved in the most numbers of spams, going back to the June or May timeframe,” he said. “Theyve been responsible for frauding of many people.”
Up to 1 percent of shares being traded are spam, if you look at those companies, Aperovitch said. “We have to suspect most are fraudulent.”
The clues to fraud are companies that are changing names several times over the months. They have no products, he said, and no revenues on books.
“Theyre using same techniques that other types of spammers and phishers are using,” Aperovitch said. Theyre using zombie machines and botnets, in other words.
“Whats interesting about this is that if you look at detailed information about how these stocks have been traded, you see these compromised accounts theyre using are selling the stock from one account to another and artificially increasing the stock for it,” Aperovitch said.
The stock is being sold for $1.50, and that becomes the average price of stock, he added.
The user, when looking at chart for stock, see increase in price, and theyre thinking, just like spam predicts, that the price is going up. “I better get in on the stock now,” a consumer thinks, and of course theyre victims in the end.
Secure Computing claims that botnets are increasing, with a 100 percent increase of new zombies.
Due to the economic growth in China, Aperovitch said, with the shift from most zombies being in use to 20 percent located in China and growing daily, he said.
Is there any hope? The situation in the United States is improving as ISPs are starting to be more vigilant about home machines, Secure Computing said.
ISPs are shutting off ports, thankfully, Aperovitch said, specifically targeting port 25. Unfortunately, its a global problem at this point and because of that, botnet owners are migrating to countries not as hip to turning off port 25, he said.
Hopefully, with time, those countries will realize theyre being harmed, their citizens are being harmed, and the policing will turn off zombies abroad, Aperovitch said.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.