Dennis Forbes on Software and Technology


About the Author
Dennis Forbes is a Toronto-based software architect. While focused primarily on the .NET and SQL Server worlds, Dennis frequently ventures outside of this comfort zone into game development and image processing. He has been published in several industry magazines, has been quoted in the Wall Street Journal and has been interviewed by NPR.

He is a vice president and lead software architect at an innovative New York City hedge fund back-office services firm.

Dennis has been working on solutions for the financial, telecommunications, and power generation markets for over 15 years.




Friday, November 03 2006

If your email address is guessable, or if you've ever made it public in any way, you're painfully aware of the massive uptick in pump & dump stock spams over the past couple of months (seemingly growing in quantity by the day).

I'm now receiving about 150 P&D spams in my inbox per day, added to the hundred or so spams trying to sell goods or services. And for those who will ponder, no I don't obfuscate my email address, and I have shared it publicly, however that should no more invite spam than an un-niqab'd woman invites rape.

Despite two heterogeneous layers of spam defense -- an email server spam detection system, and the spam defense in Outlook 2003 -- several dozen make it through to my inbox daily, as the spammers have adapted to Bayesian filtering and are using new techniques to circumvent the filters (and I can hardly use a whitelist, given that many of the people who contact me are legitimate new contacts whom I haven't emailed before).

Spam relay blacklists no longer help much because the majority of spam is coming from mom and pops, whose home PCs on high-speed connections are unknowingly acting as part of a massive worldwide botnet, relaying the latest pump & dump target emails by the billions from points across the globe.

Not only are legitimate emails getting shrouded in the haze of spam, the computational and bandwidth requirements to move all of this garbage -- especially now that spammers are resorting to embedded images -- are enormous. Extrapolate it out, and things are looking very grim.

And what an ingenious target for spam, really: Spam to sell a product and inevitably people can track you down, because somehow there has to be a method of getting money to the spammer (or the person who paid the spammer). Spam to boost some irrelevant penny stock, however, and no such direct connection needs to exist, and the monetary path is masked by the cloud of the world capital markets (which makes me wonder if money laundering occurs through the same penny stocks. It isn't hard to envision scenarios where the market could be gamed, particularly among low-end unnoticed stocks, to elicit a loss on one end and a profit on the other).

Of course, the P&D scam isn't new: Buy some penny/low-capitalization stock (where a small amount of activity has a significant market effect). Talk it up as much as possible. Sell to a latecomer. Laugh all the way to the bank. It really is a classic pyramid scheme, because once the flow of new suckers stops, the crash occurs. Sort of sounds like the .COM stocks in 2001.

This technique has gone on in Usenet newsgroups and forums, and has even been used by industry heavyweights who give credence to a stock they want to inflate and dump. Doing it through thousands (millions?) of compromised PCs, however, is new.

And the common analysis that I've seen of P&D completely misses the point in my opinion: I don't think the spammers truly think they're going to fool people into thinking these are great investments, but rather they're trying to fool people into thinking that they're fooling other people into thinking these are great investments. They're trying to entice Joe Clever into thinking "Ah...now they're pushing XYZ, and surely a bunch of suckers are going to buy into this nonsense...so I'm going to put $1000 in just to capitalize on those later suckers!" Of course everyone is thinking the same thing, until eventually it collapses on itself and the latecomers end up at an empty table when the waiter arrives with a hefty bill. Alternately it's commissioned work on behalf of insiders who want to cash out some holdings during an upswing, but I find the scenario of completely uninvolved 3rd parties more believable (again because the whole P&D scheme is founded around anonymity and disconnectedness).

It's a monetary game of chicken.

So without much further ado, let me present to you the current target of the game of financial chicken (if only I'd have listened to the wise words of P&D spam! I'd be rich I tell ya!). Since early this week I've been getting a ridiculous number of spams pushing SBNS.PK. Here's how it looks in the 5 day graph (this is up to date, so if you're looking at this entry in the future, it will not make much sense as the spammers will have moved on, the stock likely crashed). It looks like this pyramid is about to fall.

Given that the original spammer almost certainly bought in before starting their pump campaign, this represents a massive potential profit, so expect this to finance the massive next wave of stock spams, and R&D in evading spam filters.

UPDATE: It looks like the P&D target for the following week or two is SRRL.OB, another low-to-no volume bottom feeder. Notice the stocking up that took place in the latter half of the day: could it be the spam-master loading up before the run?


NOTE: If you run an email server, before you bounce a castigating "SPAM FROM YOUR DOMAIN HAS BEEN REJECTED!!!!!" email, check if the domain has an SPF record. If it does, and the spam that claims to be from said domain doesn't come from an approved IP, save the reply. Along with the hundreds of spams a day, I'm also getting assaulted by a hundred or so message bounces/rejections per day because spammers are forging "@yafla.com". Don't pollute the net even more with illegitimate bounces, making the problem even worse.
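The check described in the note above, as an added example that is not code from the original post. It evaluates only the `ip4`, `ip6` and `all` mechanisms against constructed TXT records instead of live DNS; the domain names, records and the function names `spf_result` and `should_send_bounce` are assumptions made for illustration.

```python
import ipaddress

# Constructed TXT records standing in for live DNS lookups (assumption: a real
# mail server would query the TXT record of the claimed sender's domain).
SAMPLE_TXT = {
    "forged.example": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
    "soft.example": "v=spf1 ip4:198.51.100.7 ~all",
    "include.example": "v=spf1 include:_spf.other.example -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_result(record, client_ip):
    """Evaluate the ip4/ip6/all mechanisms of one SPF record, left to right."""
    if not record or record.split()[:1] != ["v=spf1"]:
        return "none"  # the domain publishes no SPF policy
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        name, _, value = term.lstrip("+-~?").lower().partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        else:
            # include/a/mx/redirect and friends need DNS; not evaluated offline.
            return "unknown"
    return "neutral"  # nothing matched and the record has no "all" term


def should_send_bounce(sender_domain, client_ip, txt=SAMPLE_TXT):
    """Apply the post's rule: no bounce when SPF says the sender was forged."""
    result = spf_result(txt.get(sender_domain), client_ip)
    # Suppressing on "unknown" as well is a choice made for this example.
    return result not in ("fail", "softfail", "unknown")
```
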
