MP3 Spam Being Deployed for Pump and Dump Hype Stock Scam

On Thursday, GFI Software announced that it is tracking a new method of spamming unsuspecting people via MP3 attachments.

These spams contain the latest "pump and dump" stock scams. These scams involve schemes that try to greatly and quickly increase the price of a stock by "pumping it up" with statements that are false, misleading, or greatly exaggerated. Once the "hype" has raised the stock price by many, many times, the scammers "dump" the stock (sell all of it that they own) for huge profits, just before the Street grows more knowledgeable and the stock price plummets, leaving most investors holding a loss.

Time was that pump and dump was achieved through massive cold-calling efforts. However, the Internet has made the practice even more prevalent.

The latest spam is a 30-second MP3 file recorded at low bit-rate featuring a synthetic, heavily-distorted female voice promoting a particular stock. The distortion lets the attachment thwart signature-based anti-spam technology.

The MP3 format is one of the most common in use today. The typical anti-spam technology does not handle these attachments very well because they do not actually analyze the attachment content, which is a fact that spammers are leveraging to their advantage.

GFI MailEssentials technology includes a second generation Bayesian filtering engine. The company says that IT administrators need to deploy as many anti-spam techniques as possible, including Bayesian filtering, while at once maintaining a very low level of false positives.

Bayesian filtering is a technique of e-mail analysis that has been used for several years and relies on the mathematical principal that most events are repetitive and periodic. This kind of filter "learns" to differentiate authentic e-mail from advertising or harmful spam by using algorithms to discover repeated patterns in the words and punctuation used in large samples of both types of messages.

It selects "tokens"-that is, sample sets of numbers and words-- from the text and compares their ratio between what has been previously labeled authentic e-mail and spam. Referencing the tokens, the Bayesian filter observes new mail and calculates the probability that the message is bogus.

While not perfect, the technique is extremely effective and is becoming progressively more so as filters receive more input on what is authentic and what is bogus.

"MP3 spam is a natural progression from PDF and Excel spam whereby spammers are exploiting a new file format to be able to send spam. This is their latest attempt to evade anti-spam filters. There is also a social engineering aspect to this tactic because people frequently share MP3 files," David Vella, director of product management, said.

Source:
http://prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/10-18-2007/0004685022&EDATE=