Slashdot Mirror
SEC Halts Trading on Spam Driven Stocks
goombah99 writes "The SEC has taken action to halt transactions on spam-touted stocks. Presumably this opens an opportunity for denial of service attacks on stocks. However, to be effective spam generally must target penny stocks with historically low volumes and thus the actual capitalized market impact or effect on the companies for a temporary shutdown can be expected to be negligible and transient. One example was given of a touted apparel stock jumping from 6 cents to 45 cents over a period of days before settling down to ten cents a share and near 65,000 or about $6500 in transactions (an eighth of the peak share volume, and a 50th of the peak transaction value). In other words, the market distortion of a brief shutdown, even if it were a DOS attack, would be massively less than the integrated spam surge. The thing I found surprising was that for this to be an effective measure with human oversight then the number of such events must be relatively small in number. From the amount of spam I get I'd have guessed it was a tidal wave."
I don't understand what "spam" the SEC is discussing, here. Didn't we eliminate spam a few years ago when congress passed the CAN-SPAM Act?
And if we're going to halt transactions during periods of heavy spam for a particular stock, why not halt transactions during periods in which pundits in print, radio and television are promoting or demoting particular stocks? Or, even better, how about we just not worry about it in the first place because anyone that is stupid enough to base their investment decisions on email campaigns should suffer their own stupidity.
Your IQ index: 80
./. The higher the score, the easier it'll be for you.
Ideally, you should have an IQ in the triple digits to understand
Let it never be said that you are a little bit anal about spelling and grammar...
But if you paste their own introductory text into their tool, they score 49, 11, and 18. All of these scores are worse than "ideal".
I had no problems with the sentence you had troubles with. I also fail to see why making it hard for all the 12 year olds (and adults with similar language skills) is such a bad thing for Slashdot.
So it finally payed off that I forwarded all my spam to the SEC :-)
The current amount of stocks advertised by spam is human-manageable (see http://www.spamnation.info/stocks/ for a list of about 15 spamvertised symbols), and it will probably stay that way, because there are not that many companies that have the volume and the price such that spam will have an influence on the price; I think that is a very sensible solution for the spam-problem in that domain; I wish they could do something like that for medication-spam as well...
1) these are companies that can't get listed on regular exchanges. Either they're too new or small to afford the fees, or they don't have the financials that the exchanges require.
:) )
2) this is a big one: the market makers may not report every single transaction and every price change, or every minute or hour. You're used to seeing the market change, and having updated info pretty quickly after a trade. "Real time level 2 quotes" and all that. Guess what? These are thinly traded. Some report daily. Some report every couple of days. Some report weekly. Unless you check, you don't know. If you see stock trading for 5 cents one week and 25 cents the next week, you don't know if it really is going up, or if it went to 10 dollars in the middle of the week, and all the pumpers jumped, and 25 cents is the reported figure on the way back down. You just don't know.
Go here for some more information. Really. Don't think about these without being sure you know the risks.
(Also, I have to say, while the information I gave in #2 was deemed correct when I worked for a broker, I was never a licensed broker myself. So don't take my word for it still being completely true. I see that a company called pinksheets.com offers what they say are real time quotes now for dealers, but they're neither a NASD broker-dealer nor SEC-registered, so... who knows what that means? Ask your broker and do your own research. Be sure and ask your broker what it means when you try to sell "at market" on a pink sheet, too, if you're assuming you're going to be able to get out quickly
Presumably this opens an opportunity for denial of service attacks on stocks. However, ... the market distortion of a brief shutdown, even if it were a DOS attack, would be massively less than the integrated spam surge.
Two platitudes:
- In a race between weapons and armor the weapons eventually win.
- To end a war you must defeat the enemy.
My bet: Once this goes into effect the spammers will adapt. Expect the result to be a bigger problem.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
By the time the SEC decides to act, the pump and dump is already over. These scams happen in the space of a few days. Blocking trading on a group of stocks that have already been pumped and dumped is futile. As the submission suggests, if they could act promptly by blockign trading immediately after a spams, that would effectively be a DoS attack on a stock trading, any spammer could initiate one. The SEC needs to go after the spammers, not the stocks.
Because people are stupid, they will fall for this stuff, cause problems for others then demand from their leaders that something be done.
The phrase "more better" is acceptable English. suck it grammar Nazis
The SEC said it launched an enforcement effort to protect investors from potentially fraudulent spam e-mail promoting small company stocks with phrases like, "Ready to Explode," "Ride the Bull" and "Fast Money."
Now, Fast Money I get. But if I saw the phrase "Ready to Explode" in spam, to me that would suggest something pretty far from small company stocks.
And "Ride the Bull" is something else entirely...
Karma police, arrest this man. He talks in math. He buzzes like a fridge. He's like a detuned radio.
They have this. It's called hotmail.
Help stamp out iliturcy.
I second that opinion. This test is just another lowest common denominator search tool. It makes it easier to write text for children, which is good if you're writing for children, but perhaps not so good if you're writing for adults. Remember, to reach the sky you must aim for the stars. If you instead aim for the smallest child you can see, I think you're not doing so well.
:)
And not only because you're aiming at innocent children.
All this does is give bad guys a new way to extort money from companies. "Hey, Mr. CEO! Wire $50k to my egold account by Friday or I'll send pump&dump spam and get trading suspended on yoru company's stock."
The right answer is to unroll these trades and see who is profiting. Then start doing some analysis on the brokerages associated with these trades, because I'm willing to bet we're talking about "less reputable" brokerages. Now pull their securities dealer's license. Do you think that would cause other brokerages to look more carefully at sudden large volume trades on previously thinly-traded stocks? I do.
"I'd rather be a lightning rod than a seismometer." -Ken Kesey
Pump and dump violates the securities laws, right? The SEC's own web site calls them "fraudulent".
So why can't they track these guys down and prosecute them? The SEC has a pretty good investigative force. They tracked down Martha Stewart. They subpoenaed her phone records and everything.
You have to buy these stocks from a broker, so that leaves a paper trail. They have to report stock purchases to the IRS, if nothing else. You can't buy stocks with stacks of currency, can you?
The guys who are behind the pump and dump schemes by definition will buy the stock at the beginning, send out 10 million spam to get the suckers buying, dump the stock when the price goes up, and leave the suckers holding the bag.
So why can't the SEC track these guys down through the brokers, and prosecute them for this pattern of buy and sell that is obviously fraudulent?
Will somebody who understands this better than me explain to me why the SEC can't enforce the law?
It's time to stop tolerating ISPs that tolerate infected PCs. Is spam the only thing a zombie can do? No. Will this stop ddos botnets? Not a chance. One thing at a time, and spam leaves a trail. The Heinlein strategy: ~when you don't know how to solve a problem, do any part of it you do understand, then look at it again.~
Get as many as possible of the major email services - gmail, hotmail, yahoo, aol, all their equivalents in other countries - to backtrack inbound spam envelopes to a retail ISP. Crank up the heat on the worst offenders until they shut off zombies. Private warnings, name and shame, SMTP brownouts and blackouts, BGP blackhole.
The ISPs all have AUPs. Seems simple enough: they warn spam sources, point them at instructions and commercial offers of help for a full disinfect, then if they stay infected shut them off until they pay for an ISP-provided (and expensive) brainwipe. That'll make lots of new niches in which the scum who'd otherwise be sending spam can turn a buck, and take the load off everybody but the clueless.
Now, obviously, this is *too* simple somehow, or otherwise somebody'd be doing this already. What is it?
As always, all IMO. Insert "I think" everywhere grammatically possible.
First of all, the fraudsters aren't stupid enough to leave (much) of a paper trail; its common for them to use brokerage accounts compromised by phising. They execute their pump'n'dump via a stolen account, and by the time the dust settles the funds have been transferred.
Secondly, many of these folks operate from abroad and the amounts involved - in any single fraud - just aren't large enough to warrant the intervention of The Feds. Sad but true.
Because the market for these shares is so thin - most of the pink sheets companies will have market caps of less than one million dollars - the criminals can't fraudulently run huge amounts of money. So they perform a large number of smaller transactions.
Short of some organised crime indictment, The Feds won't get involved as the individual amounts are so damn small.
A message from our sponsor
The stock spam and pump-n-dump activities; while they do pose a threat to our financial systems, these actually represent the last step(s) in the chain for some very serious and very brilliant criminal activities. There is a much, much bigger story going on here that the public are not being told about.
Permit me to break it down for you:
The Phishers will phish usernames and passwords for brokerage accounts, or they will collect the information from personal users by means of a trojan. The criminals log into these accounts and schedule sell orders for whatever stocks they are holding, and schedule buy orders for the penny stock they are going to pump-n-dump. Then they walk away.
They execute the spam, eager traders read the spam, look at the account and see that volume of shares purchased have been bought up in the past n-hours and they jump in. The pumpers have bought their stock before hand and once the volume peaks, they dump. The account holders whose accounts were compromised are left holding the pumped-dumped stock...
The criminals are getting GOOD! They don't need to worry about transferring money out of the compromised brokerage accounts, they are stealing the money and laundering it all in the same step.
And it should be no big surprise that the criminal organizations behind the whole operations is the Russians.
Welcome to professional bank robbery in the 21st century.
*NOW* this is not to say that the traditional "boiler rooms" don't exist. They most certainly do and they continue to pose a serious problem which the SEC has addressed for many years. What is new is this most recent innovation that targets retirement accounts, day traders and even the average investor. The "tens of millions of dollars in losses" mentioned in TFA are coming from liquidated brokerage accounts. The SEC is in a panic to shore up or stop this exploit by suspending trading on pump/dump stocks. They're hoping to stem the hijacking of retirement funds by stopping the ability to get the money out.
See, when you view it through the proper perspective, within this greater context, now it makes sense as to why the Russian spammers and bot masters have suddenly gotten involved in the game.
I personally have communicated with the scammers & spammers, some of the conversations I have written about on my site, which includes screenshots of bank accounts that have been compromised by phishing, etc.
Good security is based upon reality and common sense. Common sense is a function of having common knowledge.
Do you even lift?
These aren't the 'roids you're looking for.
If you do research (via google) on almost any stock spam email you get, you will undoubtedly find yourself either at or reading a press release by 'bullishalerts.com'. For the life of me, I don't understand why this company / website still exists. It's clearly somehow intimately related with the spam as this place just happens to put out and then widely distribute through the web (as opposed to email) all sorts of press releases and other nonsense coiincidentally timed with waves of equivalent spam. the thing is, this is not some website in Nauru - they claim to have an office in downtown Philadelphia. The website, complete with vague nonsense crap and 8th grade writing sort of hints at the caliber of people running it - so why in hell hasn't the FTC or SEC done something?