Dump the Pump and Dumps
 
 
 
 
Here we are, well on our way into the 21st century; the human race has been around for at least 5767 years, as of last weekend; and we've been working with e-mail, Internet, and spam for over a decade already. With those credentials, you'd think people would know better.
 
Well, we all know better - but some people never learn. The proof? Someone - lots of people, in fact - are following the advice they get in the new flood of stock scam spam that has hit the Internet in recent months, leaving virtually no computer immune. According to a recent study by Internet researchers from Harvard and Perdue Universities (http://tinyurl.com/g2v33), the prices of 'penny stocks' that were being touted in mass mailings to suckers actually rose significantly after a batch of messages were sent - as if recipients were rushing to their on-line brokers to buy the likes of Cyberhand Tech or ThermaFreeze Products in the hope that they could double their money. Well, the come-ons are certainly appealing: 'Big Announcement Monday morning is going to make this stock EXPLODE!'
 
It's a scam, of course; all part of 'pump and dump' schemes, where spammers buy stock in companies that exist mainly on paper and are traded on unsupervised exchanges, and then dump the shares on those who respond to their spam. It must be working, because in the past few months, stock spam has begun edging out fat pills or 'v1agra' messages in my inbox!
 
But I'll leave pump and dump investigations (http://www.spamnation.info/stocks/FAQ.html) to the money guys; I'm much more concerned over the fact that stock spam, as opposed to the others I and many others are subject to, manages time and again to get past my e-mail filters, rendering them nearly helpless against this new plague.
 
That's right, helpless. You can't blacklist particular e-mail addresses, because they use different ones each time; ditto for the domains these messages come from, which don't even seem to exist; keywords don't work, because many of these messages have no words at all; and it doesn't do any good to filter out messages with html images or attachments, because there aren't any!
 
These sneaky spammers have hit upon a novel way to make sure there messages get through; inserting a .png image into a line of text, with the actual spam message in the picture! You might have noticed that some of these messages start out with what looks like a newspaper article or the contents of a romance novel - but most come with no actual text at all, the better to evade any text-based spam filters altogether. The image is inserted as part of the empty body of text - just like you would insert, say, a table into a text document in Word. And although you are getting an image, it's not the standard HTML images that most e-mail programs filter out. The image, in this case, is the pump and dump shpiel about how you can get in on the ground floor and make out like a bandit by following investment advice from an anonymous, malicious source!
 
In other words, although it looks like you're reading a text message, you aren't. Check out the headers in these messages, and you'll see that instead of the usual 'text/html' content type, these messages use another content type, called 'multipart/alternative,' which many POP mail programs can't filter out on their own (see http://tinyurl.com/f4b5k).
 
Spammers who send this stuff are taking a chance, because the 'links' in them - whether URLs or e-mail addresses - cannot be clicked on, so they must be expecting recipients to actually type in, or at least copy and paste, the links into their browsers. Maybe that's why the penny stock people have focused in on this spam method - if you're going to make people do extra work, you have to promise them a reward.
 
But of course, the fact that you're reading this column means you're too smart to fall for these schemes. Why put up with these messages if they're not going to make you any money anyway? If you have a Gmail account, you're in luck, because if looks like the Gmail people have figured out how to deal with this; whereas a few months ago these messages were getting into my Gmail inbox, in the past couple of weeks they are going directly into the spam folder. If you're using Outlook Express, you'll need a separate spam filter program (try Mail Washer, http://www.mailwasher.net, although you may have to manually set up a filter for multipart/alternative content; Thunderbird (http://www.mozilla.com/thunderbird/) has a built-in filter you can easily set up (http://tinyurl.com/odhp8) from within the program. And just in case you do get tempted to send some money to the penny stock people, check out http://www.spamstocktracker.com/ - this guy's lost $50,000 of virtual money already. The best way to deal with these messages? Run your own 'pump and dump' scheme - when they try to pump their penny stocks, just dump their e-mail into the trash with your newfound filters!
 
September 29
2006
 
 
   by
   David Shamah
ds@newzgeek.com
 
 
 
 
Link this!
 
  del.icio.usdel.icio.us
 
save_to_blinkbits
 
  Blink It!
 
FurlFurl
 
  diggdigg this!
 
  reddit
 
the Newzgeek files