
DEFCON 17 conference. “Stealing profits from spammers: how I stopped worrying about spam and loved it”. Grant Jordan

Before I talk about our project, I want to tell you who I am, Grant Jordan, and who Kyle Vogt is; Kyle works for Justin.tv. We are students at the Massachusetts Institute of Technology with a lot of free time, and we have a lot of interesting projects, such as a safe-cracking device that opens safes with the highest protection rating. The more important question, though, is: who are we not?

We are not stock-market experts, spammers, or people who suddenly got rich playing the market. So everything I say about the stock market and about spam is an outsider's view, the experience of people with no direct connection to it. When we started, everything looked to us like a blur, and the project reflects our view of things at exactly that time. We had very little information; we had no idea how a botnet works, how spammers control it, or how they get messages into your mailbox.

Every time you open your mail, you find spam. Tips on how to increase penis size, letters from “bad” girls from Russia, or a notice in which a former Nigerian prince reports that he has made you the heir to his millions. But one kind of spam caught our attention more than the others: stock-market spam. These were strange “tips” urging you to buy certain stocks whose price was about to go “through the roof”. Like most people, I deleted this spam, but one day Kyle came up with one of the dumbest ideas I have ever heard: “There must be a way for us to take some of these spammers' money!”
After several attempts and failures that seemed to prove Kyle wrong, we dove into the dark depths of stock spam for 4 months. In the end we concluded that you can judge some things without knowing exactly what lies behind them. The information that is in the public domain, and that everyone has, is enough.

Today I will explain how we went from manually sorting tens of thousands of spam messages to a strategy for “grabbing” a piece of the spammers' profits. Our work gave us data that contradicted the results of almost all existing research on stock spam.

It all began in October 2006, when everyone on the net was literally flooded with spam pushing the stock of the gold-mining company GDKI. That was when Kyle said there must be a way to squeeze money out of these spammers, to which I replied: “You're an idiot, Kyle!”



I'll explain why Kyle seemed wrong to me at first. Profit is based on asymmetric information, on the principle “I know what you don't know.” Nobody could trade if they sold goods at exactly the price at which they wanted to buy. That is, I offer a price without knowing whether you can pay it, and you offer a payment without knowing whether I will accept it. If this were not so, all prices would be fixed. So everyone knows that such financial information is always already in the price.

So everyone gets spam. What do we know that others don't? First we had to find out for ourselves what all these people do with the spam they receive, how they react to it. Maybe they really are tempted by the offer and buy the shares? If spammers keep sending these messages, someone must be “biting”! What is the process? They send spam, then something unknown happens, and after that the spammers make a profit!



The process is a classic “Pump & Dump” scheme, in which unscrupulous traders inflate interest in shares they bought in advance in order to sell them to inexperienced investors at an inflated price.



As a result, the profits land in their pockets, and the client takes the loss when the artificially inflated price collapses. The anatomy of “Pump & Dump” is as follows.



I own 100 shares of a company worth $1 each. I go to a stock message board and tell everyone that these shares are rapidly going up in price. People start buying them, and the price rises. When the price reaches $2 per share, I sell my 100 shares and make $100 profit. The demand was created artificially; everyone who wanted to buy these shares has bought them, and there are no more buyers. The shareholders want to sell and discover that there is simply nobody to sell to! Nobody wants to buy more shares at that price, and it starts to fall, ending up even lower than where it was originally offered. Everyone loses except the one who started the whole scheme.

The following picture shows my profit and their losses. My profit grew gradually, and their losses were swift. This is called “touting”. The concept is old and well known: it can be word of mouth, a “boiler room” advertising a speculative project, or forums. But spam gives you a much wider audience for a small price.



You can deliver information that benefits you to millions and millions of people. Profit depends on how early you start recruiting buyers. The size of the losses depends on how quickly you start selling your shares. The last to sell get practically nothing; they simply throw their money away.

What kinds of stocks do spammers push? Cheap penny stocks, or over-the-counter (OTC) stocks that are not listed on NASDAQ, the NYSE or other national exchanges. There are different OTC venues, the OTC Bulletin Board and the Pink Sheets. These can be thinly traded stocks whose price is close to zero, or cheap stocks with high price volatility. If such a stock costs around $1, even a small rise in price can bring a substantial profit.

You could invite people to buy shares through the NYSE, but then your profit will not exceed the market average. For example, you can urge people to buy Apple shares, and they will start buying them, but nobody will make much profit selling, because Apple shares trade well and are always fairly priced. It should be noted that the “Pump & Dump” scheme is illegal on all exchanges, and you can be prosecuted for it.

So we know the scheme the spammers work by, but we don't know which company will be profitable. But the main question is whether somebody really believes the spam, whether people are really so stupid that they buy these stocks. I always delete such offers from my mail. But when Kyle and I asked around among our colleagues, we learned that quite a few people had bought these GDKI shares the previous week.

We looked at the price of these shares and saw that it had risen by 60%, and the total number of shares exceeded 600 thousand. At an initial price of $1, the spammer's profit could reach 250 thousand dollars. This statistic impressed us a lot!

If we look at the chart, we see that the spam touting began on Friday, October 20. Before that the share price was about $1. On Monday, October 23, the share price peaked.



We wondered why the spam started going out precisely on Friday, just before the market closed for the weekend. But this was only the beginning, because 250 thousand dollars is not such a big profit. We checked the same stock 2 months later and saw a very different picture! Here the stakes were high.



In 5 days the shares gained 300%, and 10 million shares had already brought $30 million in profit! We could not believe there were so many simpletons who put their money into these duds. But the facts were the facts, and we wondered: what can we do in this situation?

We found out some interesting things. During the first week of October, we received offers to buy shares of twenty different companies, but only 3 of them made a profit, and GDKI was the most tangible. The other 17 stocks brought nothing.

We wanted to understand why this happens, why some stocks bring profit while others don't. What information did we have? About 1000 offers per week and the market data for the previous week. That is, we could link the results of the previous week's trading with the volume and the stock name in the next week's mailings. Everybody had exactly the same information; we had nothing special.

What did the other researchers of the spam problem claim? In their work, Frieder and Zittrain reported on spam: “It has been proven that touting is related to market activity.” Their studies covered the years 2004-2005 and were quite serious. Hanke and Hauser, in their article “The effectiveness of stock spam campaigns”, also reported a link between the volume of spam and the market price of the shares offered in it. The more spam is sent, the more profit spammers get from the shares they push.

Many researchers argued that after the 2006 stock-market crash, spam in this area died out and no longer had any effect on the market. But this could not be so, since we kept receiving tons of offers!

What was the difference between the spam mailings of 2004-2005 and 2006-2007? The former contained mostly text that was caught by spam filters. They checked whether the message contained the word “shares” and whether there was a symbol denoting a stock. If the conditions were met, the message was marked as spam. The latter contained mostly graphics, pictures that spam filters could not analyse.

So we wondered: how can you sort graphic spam? After analysing several image-recognition programs, we realised that sorting was possible only by hand! And that is what we did.



This is how it looked on our computer: folders with a lot of image files, and bundles containing hundreds and hundreds of spammers' email addresses. And we managed to sort it all out!

We spent 14 weeks sorting, and processed more than 50,000 spam messages covering 12,168 stock offers. As a result we obtained data from which we learned three things: the past results, the relative strength of each botnet, and unique signatures identifying the spammers.

The relative strength of the botnet allowed us to sort by stock symbol and link particular email addresses to particular symbols.

Consider a chart that shows the number of messages touting the GDKI stock by day of the week.



The vertical green dotted line shows the time when the market opens, the red one the time of market close. Yellow vertical lines mark off the Friday-to-Friday period in which mailing starts. The other coloured lines at the bottom of the graph show the intensity of the mailings for other stocks: they grew and then stopped, and only the GDKI mailings kept increasing.

And here we noticed an interesting feature: GDKI spam freezes during market hours, that is, between the opening and closing of the exchange no messages arrive! This is shown by the horizontal segments of the mailing-volume curve.

What is the conclusion? The guys who send the messages are busy at the market at that time: they are the ones selling the stock! So they have no time to send messages.

We further noted that at the same time, the activity of the botnet that sends the GDKI spam stops. This lets you identify the botnet, or the spammers, the organisation that sends these messages. Consider what makes up a spammer's signature. Each spammer uses their own email style: text layout, message encoding, use of capital letters, font style.



This is easy to see if you look at each of the 50,000 messages received with your own eyes.

And here we come into the game! We choose a successful spammer, the one who in a certain week filled us up with the maximum number of messages. Then we check his activity the following week, compare it with the previous week, and so on. If we find a stock whose market dynamics match the dynamics of the mailings, we establish a link between the specific stock symbol and the specific spammer. In the end we get this spammer's email address.



What do we do next? We watch the market activity and the spam the following week and draw the same chart. And what do we see? Practically a repeat of the GDKI chart, only this time for a completely different stock, the shares of the company SBNS! What does an email pushing SBNS shares look like? Exactly like the messages urging us to buy GDKI! That is, the mailing is done by the same spammer with a distinctive signature style. He uses the same botnet, as its activity shows.

We continue our work. The third week of observation gave us 3 more mailing charts for other stocks:



One of these guys is definitely our spammer: now he is pushing SRRL, with the same mailing dynamics and the same message style. But the other two spammers have a completely different handwriting. The second chart, EGLY, has a specific character and a constant mailing volume. We compared these mailing charts with the market statistics: do you think the second and third guys had any success? After all, they too rapidly increased the volume of their mailings! It turned out that nothing of the kind happened with EGLY and NPM, that is, there was no selling of these shares at all!



Why did this happen? Take another look at the first spammer's message and at the messages of the other two. That's the problem: their mailings are just text, bare text! Compare what the first spammer's mailing looks like with what the other two look like. They used such a powerful botnet but achieved no result because they sent plain text.

Week 4: our hacker began sending MPRG offers. The same writing style, powerful mailing. In week 5 we see the same powerful spam, the same botnet, and again no result on the market.



Over 5 weeks, the spammers sending text achieved no result, and in week 6 they almost stopped sending. You can see that we changed the scale of the number of mailings from 300 to 900. One of the text spammers, offering APWL shares, increased his mailing to the maximum; the second, WEXE, stayed at the same level. The increase in the amount of spam brought no result, and APWL did not show up on the market.



We looked at the number of WEXE shares bought by the spammer. The amount was impressive, about $2 million. That is, he put a lot of money into a dud without winning anything. And in week seven he disappeared altogether. We don't like receiving spam, but this guy's failure upset us. So text spammers behave like madmen: they keep doing the same thing again and again, spending money, without even trying to understand the reason for their failures.

Until mid-January 2007, nothing interesting happened in the spam. For 13 weeks the spammers went completely crazy: they kept pushing 15 stocks in the same text format and again achieved nothing. I didn't even try to show this on the chart; that many mailings for different stocks would not fit.

The observations led us to this conclusion: you don't need to follow the mailings of the other spammers, we already knew what they would be; we had picked out the “winner” from one of his mailings, and as soon as the first spammer sends his first message, we start buying the advertised shares!

We started buying the stock at the moment shown on the chart:



We became participants in his game, playing by his rules, and so were able to grab our piece of the pie.

That is the Jordan-Vogt method: sort the week's spam by stock symbol, identify the spammer by mailing style, compare each spammer's past performance, identify the most successful spammer, and as soon as the first email from that spammer appears, start buying the stock, wait until its price peaks, and sell immediately!
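The following Python sketch is an editor's worked example of the pipeline just described, together with the two signals the talk builds it on (a style signature that survives sender-address churn, and the pause in mailings during market hours). It is not the authors' code, and nothing in it is real market or spam data: the messages, the KOI8-R/us-ascii charsets, the subject lines and the daily closes are constructed inline for the demonstration, and the 09:30-16:00 Eastern session, the 5-day horizon and the 25% threshold are the editor's assumptions.

```python
"""Jordan-Vogt style triage of stock spam (editor's example, constructed data)."""
import datetime as dt
from collections import defaultdict

# Assumption: arrival times are already in US Eastern time; regular session 09:30-16:00.
MARKET_OPEN = dt.time(9, 30)
MARKET_CLOSE = dt.time(16, 0)


def T(s):
    return dt.datetime.strptime(s, "%Y-%m-%d %H:%M")


# Constructed sample corpus (not real spam). Two senders with distinct habits:
# an image-based spammer that goes quiet while the market is open, and a plain-text
# spammer that mails straight through the session.
SPAM = [
    {"ts": T("2006-10-20 17:05"), "ticker": "GDKI", "has_image": True, "charset": "KOI8-R", "subject": "GDKI READY TO EXPLODE"},
    {"ts": T("2006-10-20 22:40"), "ticker": "GDKI", "has_image": True, "charset": "KOI8-R", "subject": "GDKI HOT ALERT"},
    {"ts": T("2006-10-21 11:15"), "ticker": "GDKI", "has_image": True, "charset": "KOI8-R", "subject": "GDKI BIG NEWS"},  # Saturday
    {"ts": T("2006-10-23 07:50"), "ticker": "GDKI", "has_image": True, "charset": "KOI8-R", "subject": "GDKI MONDAY MOVER"},
    {"ts": T("2006-10-23 18:20"), "ticker": "GDKI", "has_image": True, "charset": "KOI8-R", "subject": "GDKI STILL CLIMBING"},
    {"ts": T("2006-10-20 10:10"), "ticker": "EGLY", "has_image": False, "charset": "us-ascii", "subject": "Egly stock pick"},
    {"ts": T("2006-10-20 13:30"), "ticker": "EGLY", "has_image": False, "charset": "us-ascii", "subject": "Egly stock pick"},
    {"ts": T("2006-10-23 11:00"), "ticker": "EGLY", "has_image": False, "charset": "us-ascii", "subject": "Egly is a winner"},
    {"ts": T("2006-10-23 15:45"), "ticker": "EGLY", "has_image": False, "charset": "us-ascii", "subject": "Egly is a winner"},
]

# Constructed daily closes (invented numbers, not market data).
CLOSES = {
    "GDKI": {dt.date(2006, 10, 20): 1.00, dt.date(2006, 10, 23): 1.45, dt.date(2006, 10, 24): 1.60, dt.date(2006, 10, 25): 1.30},
    "EGLY": {dt.date(2006, 10, 20): 0.40, dt.date(2006, 10, 23): 0.41, dt.date(2006, 10, 24): 0.39, dt.date(2006, 10, 25): 0.40},
}


def style_signature(msg):
    """Fingerprint how the spammer writes, not the From: address (botnet senders churn)."""
    return (
        "image" if msg["has_image"] else "text",
        msg["charset"].lower(),
        "upper" if msg["subject"].isupper() else "mixed",
    )


def group_campaigns(messages):
    """(signature, ticker) -> sorted arrival times: one entry per spammer-per-stock campaign."""
    camps = defaultdict(list)
    for m in messages:
        camps[(style_signature(m), m["ticker"])].append(m["ts"])
    return {k: sorted(v) for k, v in camps.items()}


def in_session_share(timestamps):
    """Share of weekday mails that arrive while the market is open.
    Near 0 means the sender pauses during trading hours, the pattern the talk reads as 'busy selling'."""
    weekday = [t for t in timestamps if t.weekday() < 5]
    if not weekday:
        return 0.0
    hits = sum(1 for t in weekday if MARKET_OPEN <= t.time() < MARKET_CLOSE)
    return hits / len(weekday)


def campaign_return(ticker, first_mail, closes, horizon_days=5):
    """Peak close within horizon_days after the first mail, relative to the last close at or before it."""
    series = sorted(closes.get(ticker, {}).items())
    start = first_mail.date()
    before = [c for d, c in series if d <= start]
    after = [c for d, c in series if start < d <= start + dt.timedelta(days=horizon_days)]
    if not before or not after:
        return None  # no price history: cannot score this campaign
    return max(after) / before[-1] - 1.0


def rank_signatures(campaigns, closes):
    """Average realised run-up per style signature over its past campaigns."""
    returns = defaultdict(list)
    for (sig, ticker), ts in campaigns.items():
        r = campaign_return(ticker, ts[0], closes)
        if r is not None:
            returns[sig].append(r)
    return {sig: sum(rs) / len(rs) for sig, rs in returns.items()}


def buy_signal(msg, ranking, min_avg_return=0.25):
    """Act on the FIRST mail of a new campaign only if this signature's track record clears the bar."""
    return ranking.get(style_signature(msg), 0.0) >= min_avg_return


if __name__ == "__main__":
    camps = group_campaigns(SPAM)
    for (sig, ticker), ts in camps.items():
        print(ticker, sig, "in-session share:", round(in_session_share(ts), 2))
    ranking = rank_signatures(camps, CLOSES)
    print("ranking:", ranking)
    new_tout = {"ts": T("2006-10-27 17:30"), "ticker": "SBNS", "has_image": True, "charset": "KOI8-R", "subject": "SBNS NEXT ROCKET"}
    print("buy on first SBNS mail?", buy_signal(new_tout, ranking))
```

Two design points. The signature deliberately ignores the sender address, because the talk's own observation is that hundreds of botnet addresses carry one spammer's style; a real corpus would add layout and font features, and would need the image-vs-text flag to come from MIME parsing rather than a hand-set field. The in-session share is reported separately from the return ranking rather than folded into it, so an analyst can see whether the "quiet while the market is open" pattern and the realised run-up point at the same sender.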

Does this method work? Yes and no. It works for a few weeks, until all possible niches in the market are filled with spam. Even successful spammers take losses, like that guy with $2 million. Botnets sometimes crash. Over-spamming sets in and attracts the attention of the SEC, the Securities and Exchange Commission. An example is Operation Spamalot, conducted in March 2007.

The SEC tracked operations on 35 trading platforms. As a result, 2 Texas residents were charged with illegal trading and fraud in the amount of $3.8 million. The operation started because SEC lawyers became interested in the large number of spam advertising campaigns that landed in their own mailboxes.

Can our method make money again? Maybe. Spam goes out in cycles; botnets appear and disappear.

In April 2009 I looked at my spam folder again; there were about 3,000 mailings in it.

Source: https://habr.com/ru/post/351680/