Tuesday, 23 January 2007

Pump'n'Dump: It's all About the Timing, Baby

Funny guy: What's the secret of great comedy?
Straight man: I don't know, what is the secret of gr...
Funny guy: Timing.

And timing is also the secret to profitable stock kiting. In my previous post, I quoted Symantec's Amado Hidalgo, who hinted that the Trojan writers appeared to be working to a deadline. Presumably it was a deadline imposed by their stock-kiting scam-masters.

I'm guessing from the date of the blog post that the "burst of almost 1,800 emails" that Hidalgo talks about would have been over the weekend, or certainly before the markets opened on Monday.

Yes, timing is everything when encouraging fools to part with their cash. The botnet needs to be ready to spew out its quota of kiting come-ons at what the scammers calculate is just the right moment:

  • Too soon, and they risk clever day-traders buying in on the upswing and cashing out before the scammers do, thus reducing the ill-gotten profits

  • Too late, and the regulators might take an interest in the scammers' unusual transactions, before the scammers have had a chance to cash out and launder the profit

Not only that, but the spam needs to be sent in as short a time as possible -- in one, concentrated burst. If it's too spread out, the scammers can suffer either or both of the problems above. I conclude that this is why we're seeing these new botnets send a load of messages quickly, then falling silent -- as opposed to dribbling out fewer over a longer period.

This new strategy risks quicker discovery, but there seems to be no end to virus writers' ingenuity in infecting new victims' PCs.

1 comment:

David Spark said...

When I spoke with Microsoft they said around the holidays spam increases dramatically. Right after Thanksgiving is the biggest time. And their rationale is that's when people have their pocketbooks open.

Same is true for advertising. You want to send messages to people at different key moments during the buy cycle.

Spammers, virus and trojan writers, have the same mentality as Young and Rubicam or Ogilvy and Mather. The difference is those companies have a public image that they want to maintain. The virus writers don't.

David

Post a Comment