New Flavour of Spam - MP3 Stock Scams
An anonymous reader writes "Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams. One sample identified by Sophos was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. Says Graham Cluley, senior technology consultant at Sophos: 'Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all MP3s in email as a matter of course. So many music files infringe copyright, and it can be hard for a company to establish which ones are legal and which are not after they have arrived. Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing. It also has the benefit of neutralizing this sort of spam at the same time.'"
Let's not get hasty. Some of us rely on those daily pump-n'-dump stock scams to support our families.
Won't you think of the shady day-traders?
Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all text in email as a matter of course. So many text files infringe intellectual property and patented business methods, and it can be hard for a company to establish which words are legal and which lemmas are not after they have arrived. Blocking all letters, or at least the letters J-M and all the vowels until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal and/or infringing message sharing. It also has the benefit of neutralizing most spam at the same time.
They who would give up an essential liberty for temporary security, deserve neither liberty nor security - Ben Franklin
So, who thinks the RIAA is behind this?
-- What you do today will cost you a day of your life.
I prefer the 'u' in flavour - Hannibal Lector
I hate when a certain file type gets blocked. Just today I had to rename my exe files so that I could send them in gmail... even though they were zipped! Yes, gmail actually looked inside my zip file to see if there were any exe files...
So of course, now the instructions to use my script have to include renaming exe files after unzipping.
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
... sound so rich you can almost see the pink and taste the meat.
"There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed H
I realize the real victims are the rest of us who suffer the extra traffic on the internet and in our mail boxes, but who is smart enough to check email, play an mp3 file, and have money to lose, and yet still dumb enough to fall for this?
This isn't a scam, it's economic darwinism.
Unlike pictures or HTML, people don't usually get a lot of MP3s via mail. Companies, like the article said, don't at all. People usually either use FTP or P2P access to get their MP3s illegally or through iTunes or similar services legally. And if they don't know what an MP3 is, they won't see (or hear, in that case) the spam at all, afaik there's no built-in support for MP3 in the various mail programs (and if there is, that's at best a reason NOT to use a certain mail client).
So I'd guess this is a short lived problem.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I wonder if they thought about how the MP3 plays in PINE?
is if they were encoded in FLAC, because I am an audiophile connoisseur.
Are they pumping Aperture Science stock?
No kidding!!! What do you say at this point?
If they'd just block any e-mail with headings containing "penis" and "enlarge" half my spam would go away. I think I can survive losing the odd e-mail a friend sent me about how he enlarged his penis.
I thought the 419 stuff was lame. I'm amazed that anyone would actually invest in a stock based on a spam message. Is the pool of idiots with investment dollars actually big enough to allow the spammers to make money?
[Insert pithy quote here]
Maybe sometimes it is better that Linux doesn't have such a great market share.
My rights don't need management.
"...it's hard to believe that many internet users will fall for such an amateurish presentation..." Surely not, which leads to the real question of why spammers are doing it. No one who retains their services could be dumb enough to believe this would work. (In fact, the WSJ once built a portfolio of penny stocks that were spam targets, and they didn't even see a "pump" in value, just a decline.) This is an area where I'd like to see some investigative reporting done by a tech savvy reporter who could find out who these spammers are and who bought their services. To waste bandwidth? To distract us from other spam that's smaller but more accurately targeted? Defamation of a company by rivals? Getting into the spam underworld would be risky (one spammer died in a spam turf battle recently) but it would be interesting to know who buys the services of these spammers for these PDF, MP3, image, etc spams and why they're doing it.
Maybe we should just start taking a supremely draconian stance on this. Someone comes down to the police station saying that all their money is gone because some email scammer stole it? Shoot them in the head. Then use their bank records to track down the scammer, and shoot them in the head, too. If you can't find the scammer, that's okay. Soon enough their pool of victims will dry up due to head/bullet related activities.
You'd think this wouldn't work, because people would stop coming down to the police station because they heard people were getting shot in the head. But then again, you'd also think that email scams wouldn't work because people keep hearing about other people getting ripped off by email scams. Those people will fall for anything. The cops can just send out an email about it. "Got ripped off by a scammer? Come down for free $$$! No h3ad shotz for sure!"
UTF-8: There and Back Again
I had never received one of these .mp3 spams. Until I read this story. The very next email I received was, sure enough, an .mp3 pump-and-dump.
At least, that's what I assumed. The filename was gloriaestefan.mp3 but I didn't listen (duh), so I can't be certain.
Well hold on there, I've got a nice new shiny VOIP line at home, guess how the answering service works? That's right, MP3s in my email...
But there is a group of people who THINK that they can ride on the scammer's pump-n-dump scheme and make some money on the up-side of the pump.
... but feel okay about trying to make some money off of one.
These are the people who know it's wrong and don't have the guts themselves to run a stock scam
I didn't say they were very smart.
I cannot find more details...
Maybe there's more to this than meets the eye? WinAmp (still widespread) has had multiple arbitrary code execution vulnerabilities in the past, through ID3 tags, the mp3 stream itself, etc. I wouldn't be surprised if someone found similar things in iTunes or Windows Media Player as well.
Are those mp3s sound recordings only?
... is how they'll manage to misspell the words in an mp3?
I'm waiting for a "-1 somepeoplejustshouldn'tgetmodprivileges" meta-moderation.
Strap on your tinfoil hats, gents. The RIAA stoops to a new low... poisoning the well for all of us who love to email terabytes of illegal MP3s to our co-workers.
Ya, sounds like a huge problem facing companies today. Tech journalism rocks sometimes.
We need a setting to block all mail that has an attachment and is from a sender who is NOT on your contacts list, with an auto-reply explaining this. The sender would then know to send a normal email first, requesting that you put them on your contact list.
excitingthingstodo.blogspot.com
It was pushing some uranium-mining company in Canada or something. No real contact info on it. Lord knows how I got on that list - probably one of the e-merchants I bought laptop parts off of in the last few weeks.
PHEM - party like it's 1997-2003!
If only they would use actual copyrighted MP3s when sending their spam*. I'd love to see the eventual RIAA-spammer fight. No matter who loses, we'd win.
*I could actually see this happening, if spammers start luring in users by harvesting random MP3s found on botnets and appending their audio spam to the end of the file.
Shameless plug for my photos on Flickr
Ok, you know that ramen noodle commercial where we see this hawt japanese chick bobbing her head up and down, slurping on something that's just below the bottom of the screen, we all think it's wang but we then see it's an instant ramen cup? Just imagine if it wasn't ramen and the symbol of the stock in question was written on her forehead. Five minutes of knob-slobbing action, brought to you by the fine folks at ABC Corp. Spam this out to a hundred million people and just see the results you'll get!
Wow, that spam plan is so evil, I think the Russian mafia is coming to kill me.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
I just checked. Lotus Notes does support MP3s. I don't know if they use the codec from the OS or if they implement their own, but when you say to view the file, it opens a new tab and plays the MP3.
Why you would think that supporting a file type means that you should not use an application is baffling.
Such a stance reminds me of this old Polish joke (for some reason, we've got quite a lot of jokes about a shepherd): The police enter the shepherd's house and find moonshine-making equipment. - Well, shepherd, we're going to charge you with illegal moonshine production! - But I'm not making it! - But you have the equipment. - Well, then, charge me with rape as well. - Why, did you rape someone? - No, but I've got the equipment!
This is Slashdot. Common sense is futile. You will be modded down.
It's a pretty dubious practice to determine legality and spamminess of content by file type. I am sure it will not take spammers long to send wav, wma or aac promotions instead. In the meantime, file sharers can trade mp3.bz2 files. Already we have to send .zippy attachments to each other here because all zip files are blocked as virus carriers.
Besides the fact that such attachments are easy to identify and block, as image spam became, the problem for spammers is the reduced rate of return. The bigger the attachments they send out, including the PDFs and Excel spreadsheets which have taken over from image spam lately, the fewer they can send out with whatever bandwidth they've managed to steal with their botnets.
This reduces their rate of return on the spam, and encourages them to try to find ways to minimize the size of the spam so it can get through defenses and enable a greater volume of spam. Volume is the key to spam - if they can't send millions, they don't make enough money to make it worthwhile.
MP3s are pretty big - 3-5MB depending on the length of the material. Compared to a normal email text message, or even an Excel spreadsheet, they're huge.
So I suspect this is a temporary thing that will reduce in volume, just as image spam has reduced in volume lately from 30% of spam to around 5%.
What people are seeing now is more "blended" spam - spam with links to malicious Web sites. This sort of thing goes right through spam detectors, since the email itself can be innocuous - it's the links that contain the malware and the actual spam package.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
I received one of these, except instead of a stock spam, it was some annoying woman repeating over and over, "What the fuck do you think you're doing?"
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
I remember sound ads in emails years ago, that's why I now leave my speakers off unless I want to listen to something.
It also eliminates the noises people stick on webpages as well.
---- Booth was a patriot ----
I never understood how image spam, and to some extent even HTML spam, lasts so long without being quickly crushed by filters. An email that has any sort of attachment (sheesh, even a PGP/MIME signature) is either spam, or it's from someone I know (i.e. whitelisted).
Countering audio attachments should be absolutely trivial if you have a filter, and it's hard to imagine that anyone is able to use email without a filter these days. If it has any attachment and it's from someone you've never corresponded with before, it's spam. It'll get caught.
No?
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
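The two rules sketched in this thread (an attachment from someone you have never corresponded with is spam, and the "what is this file really" question raised earlier about gmail looking inside zips and spammers renaming mp3s to .bz2) can be combined into one small filter. What follows is an added example, not code from the original thread or from any of the commenters: it reads each attachment's type from its leading bytes instead of its filename, peeks at the header of every member of a zip, and quarantines any message that either carries an attachment from an unknown sender, carries an executable (bare or zipped), or carries a file whose bytes disagree with its extension. The whitelist, the sample messages and the ID3/MZ/PDF stubs are constructed for the example; the magic-byte values are the published signatures for those formats, and the bare MPEG frame-sync check is a heuristic, since an untagged MP3 need not start on a frame boundary.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr


def sniff_type(data: bytes) -> str:
    """Classify an attachment by its leading bytes; the filename is ignored."""
    if data.startswith(b"ID3"):
        return "mp3"                                  # MPEG audio with an ID3v2 tag
    if len(data) >= 2 and data[0] == 0xFF and (data[1] & 0xE0) == 0xE0:
        return "mp3"                                  # bare MPEG frame sync (heuristic)
    if data.startswith(b"PK\x03\x04"):
        return "zip"
    if data.startswith(b"MZ"):
        return "exe"                                  # DOS/PE executable header
    if data.startswith(b"%PDF-"):
        return "pdf"
    return "other"


def executables_in_zip(data: bytes) -> list[str]:
    """Sniff each member's header; only 4 bytes per member are read, so nothing is fully unpacked."""
    found = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir():
                    continue
                with zf.open(info) as member:
                    if sniff_type(member.read(4)) == "exe":
                        found.append(info.filename)
    except zipfile.BadZipFile:
        found.append("<unreadable archive>")         # cannot inspect it, so treat it as suspect
    return found


def classify(raw: bytes, known_senders: set[str]) -> tuple[str, list[str]]:
    """Return ('deliver' or 'quarantine', reasons) for one raw RFC 822 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    attachments = list(msg.iter_attachments())
    reasons = []
    if attachments and sender not in known_senders:   # the thread's rule: attachment + stranger
        reasons.append(f"{len(attachments)} attachment(s) from unknown correspondent {sender or '(none)'}")
    for part in attachments:
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        kind = sniff_type(data)
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if kind == "exe":
            reasons.append(f"{name}: executable attachment")
        if kind == "zip":
            for member in executables_in_zip(data):
                reasons.append(f"{name}: archive member {member} is an executable")
        if kind != "other" and ext and ext != kind:   # renamed file: bytes disagree with the name
            reasons.append(f"{name}: content is {kind} but the name says .{ext}")
    return ("quarantine" if reasons else "deliver"), reasons


def build_message(from_addr: str, filename: str, data: bytes, maintype: str, subtype: str) -> bytes:
    """Build a one-attachment message in memory (constructed test data, not a captured spam)."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = from_addr, "user@example.com", "fwd"
    msg.set_content("see attached")
    msg.add_attachment(data, maintype=maintype, subtype=subtype, filename=filename)
    return msg.as_bytes()


def make_zip(entries: dict[str, bytes]) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


KNOWN = {"alice@example.org"}                         # assumed whitelist of past correspondents
FAKE_MP3 = b"ID3" + b"\x00" * 61                      # constructed: ID3v2 header plus padding
FAKE_EXE = b"MZ" + b"\x00" * 62                       # constructed: DOS stub only, not a real program
SAMPLES = {
    "stock_spam": build_message("mailer@example.net", "gloriaestefan.mp3", FAKE_MP3, "audio", "mpeg"),
    "renamed_exe": build_message("alice@example.org", "tool.zip",
                                 make_zip({"run.txt": FAKE_EXE}), "application", "zip"),
    "disguised_mp3": build_message("alice@example.org", "notes.txt", FAKE_MP3, "text", "plain"),
    "legit_pdf": build_message("alice@example.org", "report.pdf", b"%PDF-1.4\n%constructed\n", "application", "pdf"),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        verdict, why = classify(raw, KNOWN)
        print(f"{label}: {verdict} {why}")
```

The renamed .exe inside the zip is caught by its MZ header even though it is called run.txt, and the mp3 called notes.txt is caught the same way, which is the point of sniffing bytes rather than trusting names. Reading only a few bytes per archive member keeps a zip bomb from costing a full decompression, but nested archives and encrypted members are not looked into here; a production filter would also cap the number of members it inspects.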
I need a nice mechanical female voice to keep me company tonight. I don't care what stock she's... ummm.. pumping.
A whole new meaning to the term "pump n dump"
Hopefully I didn't put any [] around my words.
I got three or four of these today. I think they will be a pretty short lived trend for a couple of reasons:
You can't understand it. Think a million times worse than Max Headroom on a cell phone. It's so noisy and distorted that you can barely make out that it is a female voice much less interpret the stock symbol she is attempting to SPELL! I have a nice noise canceling headset for my phone and still have to use the phonetic alphabet to spell things on the phone. How do they expect this to work?
They are huge. Mine passed my spam filter simply because I've never had a spam bigger than 100KB, so I haven't ever bothered to filter them. I guess things like the Storm botnet are changing the limits of this, but still, 100KB is 10-100 times the amount of data vs a normal spam that you have to send out to plaster your message onto everyone's inbox.
The real take-home message here is that while there is quite a lot of mention about how the spammers are 'having to get innovative' the reality is that they are having to get desperate. There is no innovation in sending a unique audio message to somebody via email. But when they have to bypass all existing spam filters in addition to having to resort to sending out huge, uniquely distorted audio files to get their message across they are definitely feeling cornered.
Re:Better : block all in email (Score:5, Funny)
by brianosaurus (48471) on Thursday October 18, @10:40PM (#21031219)
(http://www.brianosaurus.org/)
No need to block the letters. Just block all 4-letter words. No more stock symbols appearing. As a bonus, it neutralizes swear words, making email "safe" for children and Christians.
And the best part: the solution doesn't sound like contrived propaganda. I mean, really. Who ever heard of mp3 files infringing copyrights?
Your post advocates a
( ) technical (X) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
(X) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(X) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
(X) Technically illiterate politicians
(X) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(X) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
(X) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
In general, it is safe and legal to kill your children. -- POSIX Programmer's Guide
Last week, a friend of mine on gmail sent an email, no, rather, a "voicemail" to my gmail address from his own. When you get the "voicemail" through gmail, it comes through as an mp3 itself. Perhaps these spammers are trying to figure out if they can spoof that and hit gmail users before the voicemail thing becomes more widespread?
But just as I've said before, the spammers are just going to continue to get more creative as long as we keep trying to counter spam with filters and other such nonsense. We'll never stop spam until we actually manage to remove the economic incentive that drives it. Even the offshore banking accounts that are netting profits off these pump-and-dump scams should belong to someone. And if we can figure out who, we can start to stop this machine.
And I'll be willing to wager that whatever shady financial institution is helping to hide these lowlifes is taking a cut off the action as well.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
For those that have less time than I (but still time to waste on a funny commercial).
I work for one of the major spam filtering companies. We already have the MP3 spam problem solved, and I expect the others also already do, or will shortly. It's not that tough, and it doesn't take heavy-handed measures like blocking all MP3s. I expect this to be fairly short-lived. PDF spam and Excel spreadsheet spam didn't make much of a splash either, and have already mostly gone away.
Image spam is also mostly gone these days, but it had longevity because while some providers (such as my employer) very quickly solved it, some others took quite some time, and even after they solved it, some had relatively poor efficacy, even if they were catching most of it.
"Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams .." Says Graham Cluley
Anyone who responds to such scams is obviously too dumb to be allowed possession of money, it's best to have them taken out of the economy
"These are not attacking any kind of vulnerability in the computer"
"They are attacking the vulnerability of people's brains " [Graham Cluley - Sophos] May 2004
davecb5620@gmail.com
"Brett Jolly said he planned to have an accredited gemmologist verify within 48 hours whether the gem was a diamond."
.. Jolly .. confirmed that he had tested the alleged diamond in the company of a journalist on Thursday"
.. :)
"We put it on a garage grinder and the thing won't scratch, so what can it be?"
"The huge stone, which was believed to be the world's largest diamond, is a fake
Like why doesn't he hand it over to De Beers and have them test it, before calling for 'investors' in his diamond mine? Where can I sign up?
The other day, I picked up the ' telephone ' and a voice on the other end advised me to invest in a South African diamond mine, well next thing I know, I re-mortgaged the house and gave the lot to this anonymous voice over the phone. When will Sophos provide a solution to protect me from the ' telephone ' ...
.. the VOICE says so .. must invest ...
must invest
was: Re:mp3s with payload?
See, you can work Ubuntu into ANY comment. Try it, it's fun.
My beliefs do not require that you agree with them.
The part I still don't understand is why I see spam sent to root and admin (two addresses that one would think are predisposed to dislike spam).
Mail? Put "slashdot" in the subject to pass the spam filters.
Dude, if you're not already insanely wealthy and just posting on Slashdot for kicks, you should totally get into marketing.
I, for one, welcome our new implied-porn marketing overlord, and look forward to seeing your work during the next Superbowl. And then twice during every show after that.
I'll take two of whatever you're selling please.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning