That’s right kiddos, “Pump and Dump” is used to describe more than the ageless mating practice enjoyed by alpha males. It’s also used to describe a form of Microcap stock fraud. In both scenarios: people are sold a dream, fucked, and then left standing there with sad looks on their faces.

On Sunday afternoon I was helping my cousin and her husband move when her friend walked up talking about a bunch of crazy text messages she had gotten on her cell phone. Being the ex douche bag that I am, I was singled out to explain what was going on. The messages were written to appear as if they had been sent to the wrong person with a juicy (insider?) tip on a penny stock that was about to skyrocket in price. This is the Pump side of a Pump and Dump. Someone looking to manipulate (*cough* *cough* defraud) the market can artificially inflate a stock by as much as tenfold with relative ease. They simply have to get a ton of people to buy the hell out of it within a short period of time.

How the hardcore guys did this back in the day:

1. Buy a metric assload (literal translation: whole bunch) of any random penny stock.
2. Rent some temporary office space with a bunch of phone lines and set up a telemarketing operation.
3. All the cohorts would sit around calling residential numbers during business hours in hopes of getting answering machines. If someone answered: “Whoops, wrong number”. If they got a machine, they’d lay down one of several scripted voice mails that carried the same message: stock XYZ is going to explode on [whatever date].

Example:
“Hey Jim, Bobby again. It’s a Go on XYZ the 19th of this month. I just dropped 50k into that puppy. Our friend at the FDA said that their cholesterol pill is going to get the green light for sure. We’re in the know ahead of the company, even. This is going to be huge.”

4. After leaving thousands upon thousands of these fake insider tips on people’s answering machines the stock would jump up in price because of all the people buying it based on the bogus tips. Before the magical day when the stock is supposed to skyrocket, the evil evil bad bad people sell (dump) all of theirs for big profits before the stock levels out to its actual worth.
5. The people who bought the stock based on bogus insider tips are left with sad looks on their faces and are reluctant to report anything to law enforcement. No one likes admitting to being suckered. And, it was “illegal insider info” they were acting on - not something you want to tell police about.

Think I’m bullshitting about this not being rocket science? About seven years back a freaking 15 year old kid got fined over 250k by the Securities and Exchange Commission for such stuff. Even after that spanking from the SEC, Jonathan Lebed was sitting on 500k in profits from two years of shady stock manipulating.

Back to this current Pump and Dump hustle…

continue reading "FDKE: Pump and Dump Stock Fraud Currently In Progress"

Gather around kids, this is gonna be a fun one. I might even get sued, finally. Yay!!1

Recently, on some random news station, I heard about Walmart’s new “Money Card” which is nothing more than a prepaid Visa card. Just like any other such card, it has a website where you can check your balance, add funds to your account, etc. Alternatively, you can have your account information stolen, be exposed to hardcore XXX porn, or line the pockets of a bottom-feeding douche bag while trying to reach the site. Why? Because Walmart, just like most companies, is nothing short of retarded when it comes to internet security and protecting their brand in the online world.

But, but, but… Their site says that it’s secure. It even has a nifty little seal on it from Thawte verifying that it’s protected by RC4 128-bit encryption.

Yeah, so what? I said that all those evil evil bad bad things could happen to a person while trying to reach the site. I never said that they’d actually make it there. Your good ol’ Uncle Buck or Aunt Charlene who’s not too savvy on that there interweb, but falls perfectly into the demographic of folks who would have a Wally World prepaid money card, is likely to mistype the web address. That’s why any security-minded company who wants to protect their customers and brand’s image would / should at the very least register all of the most common typo domains when setting up shop on a new domain - especially if it’s a financial kinda deal. In Walmart’s infinite wisdom, they did no such thing.

After hearing about this new Walmart card and the accompanying website, I checked to see if they had registered and were forwarding over traffic from one of the most common typos: the full web address prefixed with a “www”. Typing out “www” and then forgetting or simply missing the dot afterwards is commonplace among eTards and fast typers. Sure enough, wwwwalmartmoneycard.com was wide open. So, I registered it. Just for good measure, I went ahead and registered almartmoneycard.com today too. Missing the first letter of a domain is also pretty common. Luckily for Wally World, I snagged those domains with the sole intent of using them as an example for this blog entry. This could have played out much differently…

continue reading "Dear Walmart: Your Online Security Blows"

The latest fiasco to rip though MySpace Land screams what everyone already knows: incompetence is the only strong suit of the crew over there. Hopefully, Tom and Chris will get kicked to the curb in October and Rube will completely clean house over there. If not, I guess I’ll see all you on Facebook in the coming months.

Anyhoo… When I was on MySpace a bit ago, I tried to reply to a message. Instead of getting the message sent I was greeted with a cute little “your message did not pass the spam filter” response. When I tried to resend the message I was told that my account had been phished. lolz

Their phished account flagging system has always been a bit glitchy, so I wasn’t surprised. When I went to change my password through the link provided to unlock my account I was greeted with the below:

^^^ Do you see the problem? The fucking captcha image is broken. Hitting refresh several times didn’t help things, so I logged into MySpace via Internet Explorer instead of FireFox thinking that it might be a we is be retarded and no know how make websites work in multiple browsers properly issue. Well, that didn’t help either.

continue reading "MySpace inadvertently flagging accounts as phished"

A while back I posted a blog entry on MySpace about the new MSPLinks link filtering solution they have been haphazardly rolling out. In it, I said: “MySpace took a huge step in the right direction by hiring an outside company [MarkMonitor] to implement a system to screen outgoing links added to your pages, comments, etc”. Everything in that entry is correct besides the assumption that MarkMonitor was providing the solution.

Correction: MarkMonitor is not involved in the MSPLinks service, but is the domain registrar used by MySpace for domains including msplinks.com.

MarkMonitor does in fact offer anti phishing solutions and whatnot. I just didn’t bother digging deep enough to see that they are also a domain registrar. I’d blame my buddy Sean over at SocialHam since he was the first to post that info, but I made the same assumption before I even read his blog entry about it.

Whoops. :P

continue reading "Correction: MarkMonitor is NOT involved in the MSPLinks MySpace filter"

Imagine being told that you’re sick when you’re not, a quack doctor forcing some symptoms to show, and then being charged for a Cyanide pill to treat your nonexistent ailment. That’s the gist of what’s going down on MySpace at the moment.

This thing is being passed around in the same fashion as the MySpace Adult Content Viewer BS that was infecting tons of people not too long ago…

1. Tons of fake MySpace profiles are setup.
2. Said profiles have a clickable image overlaying them to entice people into downloading a payload of evilness.
3. A friend adder bot is used to send out a couple hundred friend requests from those profiles every day.
4. People visit the profiles to see who the got the friend request from.
5. The end.

For a detailed look at how the Cyanide is administered, PaperGhost has a play-by-play posted on SpywareGuide.

For everyday MySpace users, the bottom line is that you shouldn’t click on this image when you see it plastered across a profile.