Web Design Brisbane - Raycon Web Design Brisbane - Raycon


View full article list

Pump and Dump Scams

Mark Edwards

Last weekend our website, Raycon.com.au was amongst the victims of a pump and dump spam campaign by persons unknown.

In a pump and dump scam, the fraudster first buys stock in a listed company. The target company is small and thinly traded so any demand change results in a relatively large stock movement. Next, they initiate a massive spam email campaign promoting the company with false or grossly exaggerated news that the stock is about to skyrocket in the next few days. If their scam works, many uninformed investors will purchase the stock, driving the price up. At this point the fraudster sells their stock to make a tidy profit.

These scams have been orchestrated by everyone from organised crime syndicates to individuals. The proceeds of scams of this nature can range well into the tens of millions of dollars.

The particular scam in which I became an unwilling participant involved Diversified Product Inspections Inc (DPRI). This company has been the victim of similar scams dating back to at least October 2001.

The fraudsters must have purchased a list of AOL email addresses. This makes tactical sense, as AOL users have a reputation of being amongst the least savvy on the Internet and thus the most likely to act on this bogus advice.

The emails they constructed each had a From address which was a freemail account like HotInvestments950@hotmail.com for example. Unfortunately, they used real domain names like my own raycon.com.au to come up with a To address to be displayed on the email whilst the true recipient email addresses were BCC'ed so that they were not visible.

The body of the email contained an outrageous stock prediction for DPRI as well as a disclaimer crudely attempting to legitimise their efforts.

They used an unsecured mail server owned by some other innocent party to do the sending. This company has probably been blacklisted by now and would have problems sending email until the ban is lifted.

On or before Wednesday the 19th of May the fraudsters began sending emails. Lots of them.

The AOL mail servers recognised the message as spam at some point and began replying to all the email addresses on the messages with a notification that "This email appears to be generated from a compromised web script. Please contact your hosting provider for additional assistance." plus the name of the intended recipient.

By Friday afternoon I had received about 200,000 of these notifications. Yes, that is correct, two hundred thousand of them!

The flood continued over the weekend and finally ceased on Tuesday morning by which time I had received about 480,000 notifications.

My domain was not the only one used and by my estimate I received no more than 10% of the total number of replies. So by my calculations these people sent out at least five million spam emails over a 6 day period.

I am not sure what volume of the emails got through to their intended victims but I did check what happened to the stock price.

In the three months leading up to the scam, the DPRI stock price had regularly been just below 30c. Around the time of the email campaign starting the price jumped to over 40c hitting a high on Monday morning of 49c. At this time there was considerable trading volume where I assume the fraudsters sold out their holding for a profit of about 50%.

If this is the kind of return that an Internet pump and dump scam can generate then I doubt I have seen the last of these email deluges.

View full article list