[funsec] How Lucrative is Pump-and-Dump Spam?

Fergie fergdawg at netzero.net
Fri Mar 9 16:50:25 CST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Obscene. :-)

This is an example of some fun we have been having in the office
the past few months -- watching Moriarty's "fantasy" pump-and-dump
stock investments.

Via the Zero Day Blog.

[snip]

Are pump-and-dump spammers really making money from hyping penny stocks in
e-mails? Paul Moriarty has the answer and it's an eyebrow-raising sight.

Over the last month, Moriarty, director of product development for Internet
Content Security at Trend Micro, has been running a virtual portfolio of
selling short on stocks found during spam runs. After 22 transactions in a
five-week period, he has earned a whopping $25,610.

Short selling (shorting) a stock is the act of profiting from a stock price
going down. A short seller will typically borrow a security and sell it,
expecting that it will decrease in value so that they can buy it back at a
lower price and keep the difference.

During Moriarty's research, he used data from pump-and-dump e-mails
flooding into Trend Micro's spam honeypots. "As soon as I see activity on a
particular stock, I'll short that and set a limit to cover after I've made
10%. In just over five weeks, I've turned a 25.6 percent profit on a
$100,000 virtual portfolio. This is exactly what these spammers are doing.
It's risky business but it's easy money," Moriarty said in an interview.

"I made money on every transaction," he added.

[snip]

More:
http://blogs.zdnet.com/security/?p=119

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFF8eStq1pz9mNUZTMRAkCGAKD+4OC2iu9u27uQhasjEEXoAxFGYQCg4sAg
5gDoJo6vyI6cCJguI2aOAp8=
=okGf
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/




More information about the funsec mailing list