Skip to main content

The WiKID Blog

Viewing posts tagged Phishing and Fraud


Security Focus has a breif on the SEC's action to suspend trading in pump & dump stocks. The full SEC press release is here. From the press release:

On Friday, Dec. 15, 2006, shares in Apparel Manufacturing Associates, Inc. (APPM) closed at $.06, with a trading volume of 3,500 shares. After a weekend spam campaign distributed emails proclaiming, "Huge news expected out on APPM, get in before the wire, We're taking it all the way to $1.00," trading volume on Monday, Dec. 18, 2006, hit 484,568 shares with the price spiking to over 19 cents a share. Two days later the price climbed to $.45. By Dec. 27, 2006, the price was back down to $.10 on trading volume of 65,350 shares.
Maybe I'm missing something here, but don't you think the pump and dumpers sold their stocks before the end of the year? I mean it's not like they were waiting to get the income into the next tax year.


Mordaxus at Emergent Choas has an inciteful post on how the government can protect people from identity theft.

I can think of a situation we need protection from. Here is a scenario. Let us take the case of a lender, Larry. We need a law to make it so that if Larry lends money to Alice, he cannot try to collect it from Bob. That's all we need. If we have that, we'll have all the legal protection we need to solve identity theft.
This is an interesting idea, but I fear that it is too simplistic. I suspect that this is the current law. The problem is really the burden of proof. Currently, Bob has to prove to Larry that he did not borrow the money. Larry gets to put all sorts of nastiness onto Bob's credit report that Bob will never be able to get off. Bob can sue Larry, butas mordaxus points out, the way to change the business practice is to make it not worthwhile, which means a class-action lawsuit.


I forgot to mention that I have an article up on SearchSoftwareQuality: Stronger authentication needed for Web applications. Here's the gist:

In this article we consider three authentication processes in a typical complex Web application that requires security, such as online banking or brokerage transactions:


A great analogy: strong authentication is like Penicillin for your network security


Hat tip to Daniel about Nokia's study regarding 3G cell phone usage. Unfortunately, it looks like the report is no longer available.

Recent Posts







RSS / Atom