New Flavour of Spam - MP3 Stock Scams

← Back to Stories (view on slashdot.org)

New Flavour of Spam - MP3 Stock Scams

Posted by Zonk on Thursday October 18, 2007 @07:14AM from the tastes-just-terrible dept.

An anonymous reader writes "Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams. One sample identified by Sophos was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. Says Graham Cluley, senior technology consultant at Sophos: 'Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all MP3s in email as a matter of course. So many music files infringe copyright, and it can be hard for a company to establish which ones are legal and which are not after they have arrived. Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing. It also has the benefit of neutralizing this sort of spam at the same time.'"

32 of 170 comments (clear)

Min score:

Reason:

Sort:

Well hey now by SpiffyMarc · 2007-10-18 07:32 · Score: 5, Funny

Let's not get hasty. Some of us rely on those daily pump-n'-dump stock scams to support our families.

Won't you think of the shady day-traders?
Better idea: block all text in email by Sub+Zero+992 · 2007-10-18 07:35 · Score: 4, Funny

Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all text in email as a matter of course. So many text files infringe intellectual property and patented business methods, and it can be hard for a company to establish which words are legal and which lemmas are not after they have arrived. Blocking all letters, or at least the letters J-M and all the vowels until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal and/or infringing message sharing. It also has the benefit of neutralizing this most spam at the same time.

--
They who would give up an essential liberty for temporary security, deserve neither liberty or security - Ben Franklin
1. Re:Better idea: block all text in email by Shakrai · 2007-10-18 08:37 · Score: 2, Insightful
  
  some companies might consider blocking all text in email as a matter of course
  You got +5 funny, but you really deserved +5 insightful.
  
  Seriously. Since when did it become my job as a network admin to "take a proactive stance against illegal file sharing". As long as my users aren't bogging down my network I DON'T CARE WHAT THEY ARE DOING. If they are doing something illegal then I would assume that law enforcement will catch up to them sooner or later.
  
  Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing
  Yes, cuz e-mail has displaced P2P/bittorrent as the preferred method for sharing songs and warez. Give me a fucking break! I would suspect that less then one percent of copyright infringement (as it relates to music) takes part over e-mail.
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
2. Re:Better idea: block all text in email by brianosaurus · 2007-10-18 08:40 · Score: 2, Funny
  
  No need to block the letters. Just block all 4-letter words. That will keep stock symbols from appearing. As a bonus, it will neutralize most swear words, making email "safe" for children and christians.
  
  And the best part: the solution doesn't sound like contrived RIAA propaganda. I mean, really. Who ever heard of mp3 files that infringe copyrights?
  
  --
  blog
3. Re:Better idea: block all text in email by Torvaun · 2007-10-18 08:46 · Score: 3, Funny
  
  No need to block the letters. Just block all 4-letter words. That will keep stock symbols from appearing. As a bonus, it will neutralize most swear words, making email "safe" for children and christians.
  
  And the best part: the solution doesn't sound like contrived RIAA propaganda. I mean, really. Who ever heard of mp3 files that infringe copyrights? Turns into:
  No to block the letters. block all 4-letter words. stock symbols appearing. As a bonus, it neutralize swear words, making email "" for children and christians.
  
  And the: the solution doesn't sound contrived propaganda. I, really. Who heard of mp3 files infringe copyrights? Now it matches the spam I get grammatically...
  
  --
  I see your informative link, and raise you a pithy comment.
Show of hands, please... by jabber · 2007-10-18 07:35 · Score: 2, Funny

So, who thinks the RIAA is behind this?

--

-- What you do today will cost you a day of your life.
Ugh, please don't block file types... by MightyYar · 2007-10-18 07:38 · Score: 4, Informative

I hate when a certain file type gets blocked. Just today I had to rename my exe files so that I could send them in gmail... even though they were zipped! Yes, gmail actually looked inside my zip file to see if there were any exe files...

So of course, now the instructions to use my script have to include renaming exe files after unzipping.

--
W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
1. Re:Ugh, please don't block file types... by Constantine+XVI · 2007-10-18 07:50 · Score: 3, Informative
  
  Use another archive format (like 7z, RAR, tar.gz, etc.), or rename your .zip to something like .piz. Foils it every time.
  
  --
  "I think an etch-a-sketch with an ethernet port would beat IE7 in web standards compliance."
2. Re:Ugh, please don't block file types... by necro2607 · 2007-10-18 07:56 · Score: 3, Informative
  
  Easy solution, put a password on the ZIP archive. Be sure to check the option "encrypt filenames" as well, if available. :)
3. Re:Ugh, please don't block file types... by MightyYar · 2007-10-18 08:15 · Score: 4, Funny
  
  Arg, why didn't I rename the zip? Duh.
  
  --
  W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
4. Re:Ugh, please don't block file types... by MichaelSmith · 2007-10-18 10:28 · Score: 2, Interesting
  
  gmail actually looked inside my zip file to see if there were any exe files
  For one company I exchange email with I have to pgp encrypt most types of potentially executable code, including ksh scripts, then strip the PGP headers and footers and send the raw base64. Its the only way to get it through their mail system.
  
  --
  http://michaelsmith.id.au
320Kbps MP3 Spam... by Starteck81 · 2007-10-18 07:39 · Score: 5, Funny

... sound so rich you can almost see the pink and taste the meat.

--
"There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed H
1. Re:320Kbps MP3 Spam... by spleen_blender · 2007-10-18 07:51 · Score: 4, Funny
  
  Wait... that is supposed to be meat? Why didn't you tell me I was eating this?!
What's the saying about a fool and his money? by mcmonkey · 2007-10-18 07:39 · Score: 4, Insightful

The realize the real victims are the rest of us who suffer the extra traffic on the internet and in our mail boxes, but who is smart enough to check email, play an mp3 file, and have money to lose and yet still be dumb enough to fall for this?

This isn't a scam, it's economic darwinism.
That Spam won't exist for long by Opportunist · 2007-10-18 07:42 · Score: 3, Insightful

Unlike pictures or HTML, people don't usually get a lot of MP3s via mail. Companies, like the article said, don't at all. People usually either use FTP or P2P access to get their MP3s illegally or through iTunes or similar services legally. And if they don't know what an MP3 is, they won't see (or hear, in that case) the spam at all, afaik there's no built-in support for MP3 in the various mail programs (and if there is, that's at best a reason NOT to use a certain mail client).

So I'd guess this is a short lived problem.

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
1. Re:That Spam won't exist for long by LWATCDR · 2007-10-18 07:54 · Score: 2, Interesting
  
  Yea I wondered why I got an MP3 in my email this morning. I thought it was probably some new buffer exploit that I hadn't heard of yet. Dang I wish I had listened to it now.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Why are they really doing it? by scottsk · 2007-10-18 07:47 · Score: 3, Insightful

"...it's hard to believe that many internet users will fall for such an amateurish presentation..." Surely not, which leads to the real question of why spammers are doing it. No one who retains their services could be dumb enough to believe this would work. (In fact, the WSJ once built a portfolio of penny stocks that were spam targets, and they didn't even see a "pump" in value, just a decline.) This is an area where I'd like to see some investigative reporting done by a tech savvy reporter who could find out who these spammers are and who bought their services. To waste bandwidth? To distract us from other spam that's smaller but more accurately targeted? Defamation of a company by rivals? Getting into the spam underworld would be risky (one spammer died in a spam turf battle recently) but it would be interesting to know who buys the services of these spammers for these PDF, MP3, image, etc spams and why they're doing it.
1. Re:Why are they really doing it? by Anonymous Coward · 2007-10-18 07:57 · Score: 2, Informative
  
  In fact, the WSJ once built a portfolio of penny stocks that were spam targets, and they didn't even see a "pump" in value, just a decline.
  According to some analysts, that is in fact the intention. The Spam is not meant to artificially inflate the price for a short time, but rather to depreciate the stock. Not so much to ruin the target company, but rather because the spammers can short the stock and make a bit of money on the short-term depreciation.
  
  I'm not sure if it's true or not... but I must admit that when I see Spam related to stock, my gut reaction is to value that stock less than I did before. If the average trader who sees the Spam has a similar reaction, then the stock will lose value at least for a short while, which is enough to make money off of.
2. Re:Why are they really doing it? by larry+bagina · 2007-10-18 08:24 · Score: 4, Informative
  Not this shit again...
  You can't short a penny stock.
  Here's a dumbed down guide to how shorting works:
  
  You borrow stock from someone else
  
  You sell it
  
  ???
  
  Profit! (buy it back at a lower price and return the shares)
  
  If you want to borrow a NYSE/NASDAQ stock, your broker will be happy to help (they charge interest and take the shares from another person's account). But if you ask about borrowing a penny stock, they'll tell you to fuck off.
  --
  Do you even lift?
  These aren't the 'roids you're looking for.
VOIP? by Anonymous Coward · 2007-10-18 07:50 · Score: 5, Interesting

Well hold on there, I've got a nice new shiny VOIP line at home, guess how the answering service works? That's right, MP3s in my email...
No one "falls" for it. by khasim · 2007-10-18 07:51 · Score: 4, Insightful

But there is a group of people who THINK that they can ride on the scammer's pump-n-dump scheme and make some money on the up-side of the pump.

These are the people who know it's wrong and don't have the guts themselves to run a stock scam ... but feel okay about trying to make some money off of one.

I didn't say they were very smart.
1. Re:No one "falls" for it. by jonbryce · 2007-10-18 10:05 · Score: 4, Informative
  
  They pick small caps where there is very little active trade, and it can take weeks / months to sell the stock.
  
  They buy a load of them at the normal price over a period of time, then sell them at an inflated price to the people they spam. By the time they send out the spam, the price has gone up, and it is already too late to profit from the upside.
What I want to know... by JK_the_Slacker · 2007-10-18 07:56 · Score: 3, Interesting

... is how they'll manage to misspell the words in an mp3?

--
I'm waiting for a "-1 somepeoplejustshouldn'tgetmodprivileges" meta-moderation.
The RIAA is behind this... by brundlefly · 2007-10-18 07:57 · Score: 4, Informative

Strap on your tinfoil hats, gents. The RIAA stoops to a new low... poisoning the well for all of us who love to email terabytes of illegal MP3s to our co-workers.
New setting needed by gurps_npc · 2007-10-18 08:00 · Score: 2, Insightful

We need a setting to block all mail that has an attachment that is NOT on your contacts list, with an auto-reply explaining this. They sender would then know to send a normal email first, requesting that you put them on your contact list.

--
excitingthingstodo.blogspot.com
1. Re:New setting needed by T-Bone-T · 2007-10-18 08:37 · Score: 3, Insightful
  
  They sender would then know that the address works and will then sell it to other spammers, thus vastly increasing the amount of spam you receive. Real smart.
Re:You're Giving Them Ideas . . . by JK_the_Slacker · 2007-10-18 08:02 · Score: 2, Funny

Geez, you finally release a product, and people complain that they weren't on the beta testing team.

--
I'm waiting for a "-1 somepeoplejustshouldn'tgetmodprivileges" meta-moderation.
I think satan just spoke to me, pump-n-dump porn by jollyreaper · 2007-10-18 08:09 · Score: 3, Funny

Ok, you know that ramen noodle commercial where we see this hawt japanese chick bobbing her head up and down, slurping on something that's just below the bottom of the screen, we all think it's wang but we then see it's an instant ramen cup? Just imagine if it wasn't ramen and the symbol of the stock in question was written on her forehead. Five minutes of knob-slobbing action, brought to you by the fine folks at ABC Corp. Spam this out to a hundred million people and just see the results you'll get!

Wow, that spam plan is so evil, I think the Russian mafia is coming to kill me.

--
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
Got one by HTH+NE1 · 2007-10-18 08:18 · Score: 3, Funny

I received one of these, except instead of a stock spam, it was some annoying woman repeating over and over, "What the fuck do you think you're doing?"

--
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
Re:Only way I'll listen to these... by wjhoffman1983 · 2007-10-18 08:21 · Score: 4, Funny

You have a fine taste for audiophiles? ;)
Re:I think satan just spoke to me, pump-n-dump por by Glowing+Fish · 2007-10-18 09:04 · Score: 2, Funny

A whole new meaning to the term "pump n dump"

--
Hopefully I didn't put any [] around my words.
Got a bunch today by GoRK · 2007-10-18 10:57 · Score: 2, Insightful

I got three or four of these today. I think they will be a pretty short lived trend for a couple of reasons:

You can't understand it. Think a million times worse than Max Headroom on a cell phone. It's so noisy and distorted that you can barely make out that it is a female voice much less interpret the stock symbol she is attempting to SPELL! I have a nice noise canceling headset for my phone and still have to use the phonetic alphabet to spell things on the phone. How do they expect this to work?

They are huge. Mine passed my spam filter simply because I've never had a spam bigger than 100KB, so I haven't ever bothered to filter them. I guess things like the Storm botnet are changing the limits of this, but still, 100KB is 10-100 times the amount of data vs a normal spam that you have to send out to plaster your message onto everyone's inbox.

The real take-home message here is that while there is quite a lot of mention about how the spammers are 'having to get innovative' the reality is that they are having to get desperate. There is no innovation in sending a unique audio message to somebody via email. But when they have to bypass all existing spam filters in addition to having to resort to sending out huge, uniquely distorted audio files to get their message across they are definitely feeling cornered.