Spotting stock spam

The whole stock spam situation is getting a little ridiculous. First we had
simple text in an image then, when we plugged OCR engines into our spam
filters, we had distorted text in an image, then when that damage was routed
around, we had distorted text on a psychadelic background. A little later on we
got rotated distorted text on a psychadelic background. Very recently, we got
the next step in the arms race, all of the above embedded in a PDF file.

Someone somewhere must be making money from these penny stock scams, enough to
make it worth their while to keep upping the bar. The PDF file idea is neat
but assumes the mail client of the recipient will display a PDF inline. Some
do, some don’t and we all obey the “Never open a binary you weren’t expecting”
safe hex guideline, right?

Wrong, of course.

Stock spams will carry on being sent for as long as enough people make the
price needle shake just sufficiently in the right directions so as a sharp
trader can wring a profit out of the deal. The stocks “advertised” in these
spams are invariably pink sheet. The fact they have to resort to probably
legally dubious, and certainly morally dubious, methods of bumping the price
should surely be a large neon pointer that something is amiss. Alas, on
average, people are stupid.

At the last Fotango hackday, I spent a
little bit of time working on a SpamAssassin plugin that picks out one of two
characteristics of these emails and scores them just a little bit. I have been
running the plugin on my front end mail servers and, yesterday, the plugin
flagged over 400 messages. Knowing my mail setup this means that this
represents somewhere between 5 to 10% of the actual number of messages that
were sent. I only filter mail for a few hundred domains so if we scale the
numbers up even a little bit, someone somewhere is really keen on
generating even the tiniest of interest in the symbols in question.

The low value of these stocks means that vast numbers of shares must be traded
to make the kind of money that would make such low-handed tactic worthwhile.
To my knowledge, stock trades are all recorded. Surely it can’t be that hard to
match the symbol in question up to a heavy purchase followed by a heavy sell?
This would surely make it possible to identify the individuals and, I’m sure,
companies who see saturating your mail server and polluting your inbox as an
easy route to a quick profit.

Ubuntu +1

Last night I attempted to install Ubuntu 7.04 on an Acer Ferrari
4000
series laptop. This laptop has lots and lots of whacky hardware in
that has thwarted many a Linux installer in the past. Ubuntu got it all right
first time in about 3 clicks. Wireless, 3D, bluetooth, my odd USB gaming
mouse, the lot. I’m very impressed.

I was on call over the weekend so I spent most my time in the house. Lynda and
I unpacked a couple of boxes and generally tidied up. I did one task I’d been
putting off for days: unsnarling a huge tangle of cables. Oh, and I finally
got the stereo put back together.

Planning for redundancy

Not in the work sense in this case. This weekend has mostly been taken up with
building and installing the 4th AntibodyMX node. All four nodes are in
different buildings, on different power and on different networks, I’m thinking
this is probably enough redundancy for now. I’m very pleased with all of ABMX’s hosting partners so far, so I don’t mind mentioning them by name. In order of time hosting with they are: ORE NET, Web Tapestry, Servology and, as of yesterday, Bogons.

The new node will get a week or two to burn in. My personal mail weighs in at
about 200 messages per day so that’s a nice steady stream of mail to push
through it.