These e-mail addresses were used to blast messages about cheap stocks, with the goal of convincing junk mail recipients to buy the stocks, artificially inflating the price before the people behind the scheme sold all of their shares of that stock. This is called a pump and dump scheme, and in itself will get you in trouble with the Securities and Exchange Commission. (The SEC will, indeed, catch up with them about the alleged securities fraud later.)
Last year, the same hackers hit multiple banks in a series of coordinated attacks, exploiting the Heartbleed bug to harvest the e-mail addresses of people with online accounts with JPMorganChase, E-Trade, ScottTrade, and the information service Dow Jones.
It makes sense, if you’re a scammy evil-doer: if you want to perpetrate a scam that means someone has to buy the stock you’re shilling right away, it makes sense if those people are savvy enough to have online brokerage accounts or online bank accounts.
The indictment of scheme leaders describes a criminal enterprise that employed hundreds of people and began in 2012. The brokerage accounts were part of a separate scheme to start a new criminal enterprise, recruiting the people whose information was stolen as clients on false pretenses.
U.S. announces criminal charges in massive 2014 JPMorgan hack [Washington Post]
by Laura Northrup via Consumerist
No comments:
Post a Comment