Saturday, March 10, 2007

operation spamalot

first off, yes it really is called (or at least code named) operation spamalot... though some might be tempted to say that someone somewhere has a sense of humour because of the apparent monty python reference, the fact that the term spam itself comes from a monty python skit means that the humour in the name operation spamalot is not very creative...

that said, i think it's kind of interesting that the SEC has decided to halt trading of companies that have been the subject of stock spam... interesting in a 'how many ways can this go wrong' sort of way...

over at the securiteam blog, aviram points out one way this could go wrong - a company's competitor could send out fake stock spam (fake in the sense that s/he's pumping without dumping because s/he has no actual shares) in hopes of getting the trading of the company's stock to be suspended, therefore benefiting the competitor...

let's extend that a little, though... what if a company's competitor sent out real stock spam? then, no matter what the SEC does, the competitor comes out ahead... if trading for that stock is halted it's just like the previous example, otherwise the competitor makes a nice profit when s/he dumps his/her shares...

how about a third possibility... what happens when the stock spammers in aggregate are spamming so many different stocks that halting trading of them all would hurt the stock exchange?

obviously something has to be done, but such draconian measures seem like they're probably going to fail in the end... aside from the fact that our inboxes get deluged with the stuff, isn't the key to the stock spammer's success the fact that the recipients are purchasing the stock in ignorance (rather than just the fact that the stock is being bought)? couldn't that ignorance be addressed? couldn't the folks buying such stocks get a warning about the fact that the stock has been spammed and that if they're buying it purely on the word of some email they received they may be being deceived?

oh well, it's probably too much work for them, but it does serve as a pretty good bit of advice (i hesitate to call it safe hex) - don't buy a stock just because an email told you it was a good buy... emails out of the blue that give you accurate stock advice fall under the heading of too good to be true...

1 comment:

LonerVamp said...

Yeah, I first heard this idea to turn off trading and immediately thought, "DoS!" Kinda like sending bad traffic just means a firewall automatically shuns networks...handy for an attacker.

If you want to get back to the technical side as opposed to hoping everyone is not stupid about email spam and stock suggestions, we can kill SMTP or at least identify senders better. This is another crime born of the wild efficiency of the Internet (and insecure foundation of things like SMTP).