Pump’n’Dump — It’s All in the Timing

Funny guy: What's the secret of great comedy?
Straight man: I don't know, what is the secret of gr...
Funny guy: Timing.

And timing is also the secret to profitable stock kiting. In my bulletin last week, I quoted Symantec's Amado Hidalgo, who hinted that the Trojan writers appeared to be working to a deadline. Presumably it was a deadline imposed by their stock-kiting scam-masters.

I'm guessing from the date of the blog post that the "burst of almost 1,800 emails" that Hidalgo talks about would have been over the January 20-21 weekend, or certainly before the markets opened on the 22nd.

Yes, timing is everything when encouraging fools to part with their cash. The botnet needs to be ready to spew out its quota of kiting come-ons at what the scammers calculate is just the right moment:

  • Too soon, and they risk clever day-traders buying in on the upswing and cashing out before the scammers do, thus reducing the ill-gotten profits.
  • Too late, and the regulators might take an interest in the scammers' unusual transactions, before the scammers have had a chance to cash out and launder the profit.

Not only that, but the spam needs to be sent in as short a time as possible -- in one, concentrated burst. If it's too spread out, the scammers can suffer either or both of the problems above. I conclude that this is why we're seeing these new botnets sending a load of messages quickly, then falling silent -- as opposed to dribbling out fewer over a longer period.

This new strategy risks quicker discovery, but there seems to be no end to virus writers' ingenuity in infecting new victims' PCs.

... Richi Jennings

One Comment

  1. Posted January 30, 2007 at 10:48 AM | Permalink

    Could there be an arsonist mentality here?

    When I worked at ZDTV/TechTV we loved releasing stories on viruses and malware. Because every time we did our web traffic went through the roof. It became kind of a joke. No story would ever get the traffic that a malware story would get. And so as a result, we loved it.

    But we didn’t get the revenue as did a Symantec or McAfee would get from such a story. As far as I know, my cable network didn’t have an virus writers on the payroll. Could it be possible that these companies do? Not directly of course, but through a chain of connections. I know this conspiracy theory has been brought up many times before.

    Was just wondering if anyone has actually seen tie-ins between virus blocking and virus creators.

    Sounds like a story the Register out of the UK would carry.

  2. Posted January 30, 2007 at 11:00 AM | Permalink

    One more thing.

    When I spoke with Microsoft they said around the holidays spam increases dramatically. Right after Thanksgiving is the biggest time. And their rationale is that’s when people have their pocketbooks open.

    Same is true for advertising. You want to send messages to people at different key moments during the buy cycle.

    Spammers, virus and trojan writers, have the same mentality as Young and Rubicam or Ogilvy and Mather. The difference is those companies have a public image that they want to maintain. The virus writers don’t.

    David

One Trackback

  1. By enemieslist.com: Spam News on February 23, 2007 at 12:16 PM

    Links Roundup

    Pump’n’Dump — It’s All in the Timing Pump’n’Dump Spam Botnets — New Malware Best Anti Spam Software, Anti Spyware Programs, and Anti Virus Software Identified by Consumer ReportsNot sure how much stock to put in this; everyone’s spam load…

Post a comment

You must be logged in to post a comment. To comment, first join our community.