Application security

SEC sues two over spammed stock scam

The Security and Exchange Commission (SEC) has charged two Connecticut residents and the CEO of a California firm with using a spam email "pump-and-dump" scheme to inflate the price of stock.

The suit alleges that Jeffery Steven Stone and his wife, Janette Diller Stone, both of Greenwich, Conn., acquired 288 million shares of stock in WebSky, a San Francisco-based penny stock company.

The couple then hired stock promoters to hype the stock's value - telling victims the stock was in a successful joint venture in Argentina that would result in $40 million in annual revenues - through spam email before dumping it into the market, according to a release from the SEC.

As a result of the spam campaign, the price of WebSky stock soared by more than 300 percent and saw trading volume of more than 20 times greater than expected. Stone and his wife received more than $1 million in proceeds, according to the SEC.

WebSky CEO Douglas Haffer, of Oakland, Calif, was also sued by the SEC for selling shares in a subsequent transaction to an entity controlled by Stone and his wife without registering the transaction or security an exemption from registration, according to the agency.

Subject to court approval, Haffer and his company have agreed to settle the suit without admitting or denying the allegations.

Ron O'Brien, senior security analyst with Sophos, said today that some email scams are not illegal, but they are a drain on IT resources - accounting for about 15 percent of spam.

"We have been particularly concerned about pump and dump activity. The public may not realize that while this may not be illegal, it is unethical," he said. "So, to the extent that we can, we'd like to deter people from participating in this type of scam. It takes up a lot of bandwidth, and it makes the actual spam problem a lot worse."

O'Brien added that pump-and-dump scammers are using a more common spamming tool - image spam - to bypass spam filters and reach prospective victims.

"We have been seeing an inordinate number of these pump-and-dump scams that are starting to use images," he said. "Of course, when you use images, you decrease the ability of a spam filter to stop the problem."

Research from CipherTrust showed earlier this month that image spam has tripled in the last three months and now accounts for 30 percent of all spam on the market.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds