Psssst! Have you heard about Cana Petroleum yet?
"Trey Mcmahon" wrote me an upbeat email recently to let me know that the oil company's share price was set to shoot up on the back of a huge publicity campaign. But then I also got emails from Stella, Gonzalo, Bridgette, Irma, Suzanne, Lloyd, Tracie etc etc...
Coincidentally, The Guardian published an article by Danny Bradbury explaining how these pump & dump spam mails were becoming the most prevalent form of online scam. The emails are generated by PCs infected via trojan horse programs that surreptitiously control the affected machines to dispatch spam. The thinking goes that if you send out enough emails puffing a particular share, enough people will buy the share to increase its price, so the spammers can offload their holdings for a profit.
The article touched on some interesting points:
Spammers are getting more technically sophisticated in order to stay one step ahead of counter-measures. Instead of using identifiable online email servers to dispatch their junk messages, spammers create networks of mailbots ("botnets") to send small batches of emails that evade detection by anti-spam monitors.
Like any other direct mail operators, the spammers are targeting high net worth individuals with the messages.
AccountingWEB's own technology support team confirmed the Guardian's estimates about the remarkable volume of spam. "The load on our servers is pretty high - around 90% of what we get is spam," reported our tech honcho. "We just don't have time to cope with it all and are having to consider going to an outside provider."
One recommendation from the anti-spam monitoring group TQM3 is for internet service providers to block port 25 on client systems. This port is commonly used as the route for spam emails. If you have a router with a built-in firewall, the Guardian article explains how you can check whether your machine is being used as a mailbot by turning on your report log, blocking port 25 and seeing if any network traffic is intercepted.
AccountingWEB's security adviser Stewart Twynham reckoned that net users and their ISPs could be doing more to combat the flood of spam. "Blocking port 25 is easy to do - there is no need for a home user to be sending emails directly from their PC to the outside world. They should be using the email servers (relays) provided by their ISP.
"The ISP should then be monitoring email traffic volumes - people don't normally send 50,000 emails a day, so it should be easy to spot."
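The log check and volume monitoring described above can be automated. The following is an added example, not taken from the Guardian article or from AccountingWEB: it scans firewall log lines for machines attempting TCP port 25 connections to anything other than the ISP's relay. The log format, all addresses, the relay IP and the threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in a key=value style (not from a real router).
SAMPLE_LOG = """\
Oct 12 09:00:01 router BLOCK25 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=50112 DPT=25
Oct 12 09:00:01 router BLOCK25 SRC=192.168.1.23 DST=203.0.113.40 PROTO=TCP SPT=50113 DPT=25
Oct 12 09:00:02 router BLOCK25 SRC=192.168.1.23 DST=198.51.100.99 PROTO=TCP SPT=50114 DPT=25
Oct 12 09:00:03 router BLOCK25 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=50115 DPT=25
Oct 12 09:00:05 router ALLOW SRC=192.168.1.10 DST=192.0.2.25 PROTO=TCP SPT=41000 DPT=25
Oct 12 09:00:09 router ALLOW SRC=192.168.1.10 DST=203.0.113.80 PROTO=TCP SPT=41001 DPT=443
Oct 12 09:00:11 router BLOCK25 SRC=192.168.1.31 DST=198.51.100.7 PROTO=UDP SPT=5353 DPT=25
""".splitlines()

ISP_RELAYS = {"192.0.2.25"}  # assumed address of the ISP's mail relay
FIELD = re.compile(r"(\w+)=(\S+)")


def direct_smtp_by_host(lines, isp_relays):
    """Per internal source IP: attempts and distinct targets on TCP/25,
    ignoring mail handed to the ISP relay (the expected path)."""
    stats = defaultdict(lambda: {"attempts": 0, "destinations": set()})
    for line in lines:
        f = dict(FIELD.findall(line))
        if "SRC" not in f or "DST" not in f:
            continue  # malformed or unrelated line
        if f.get("PROTO") != "TCP" or f.get("DPT") != "25":
            continue
        if f["DST"] in isp_relays:
            continue
        stats[f["SRC"]]["attempts"] += 1
        stats[f["SRC"]]["destinations"].add(f["DST"])
    return dict(stats)


def suspects(lines, isp_relays, min_destinations=2):
    """A PC talking SMTP directly to several different mail servers,
    rather than to the relay, matches the mailbot pattern."""
    stats = direct_smtp_by_host(lines, isp_relays)
    return sorted(src for src, s in stats.items()
                  if len(s["destinations"]) >= min_destinations)


if __name__ == "__main__":
    for host in suspects(SAMPLE_LOG, ISP_RELAYS):
        s = direct_smtp_by_host(SAMPLE_LOG, ISP_RELAYS)[host]
        print(host, s["attempts"], "attempts to", len(s["destinations"]), "servers")
```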
For further information on how "botnets" are created and controlled, Twynham recommends reading The strange tale of the denial of service attacks against GRC.com. The denial of service attack is now an unfashionable form of net nuisance, and not as profitable as pump and dump spam. But as Twynham explained, "The same principles are used in communicating with botnets for spam."