Feeds

Pro tip: Don't include SEC lawyer in your $4.6m botnet scam

Texas men settle lawsuit over spam scam

Beginner's guide to SSL certificates

When running a botnet to spam millions with emails touting your illegal stock-scalping scheme, it's rarely a good idea to include a US Securities and Exchange Commission lawyer's work address on the mailing list.

Alas, these kinds of oversights sometimes need to be learned the hard way, as allegedly is the case of two Texas men who recently settled a civil lawsuit with the SEC.

Darrel Uselton and his uncle Jack Uselton were charged with fraud by US regulators in 2007 based on claims they orchestrated a series of spam email campaigns using an array of botnets. The Useltons allegedly flooded inboxes across the country with spam emails pitching near-worthless penny stock using baseless price projections and other unfounded claims.

According to the Commission's complaint, the Useltons bilked investors out of more than $4.6m between May 2005 and December 2006 with their fraudulent activities. The SEC said the Useltons typically received unrestricted shares from penny-stock companies for little or no money in return for purported promotional activities.

The SEC pins the swindle as scalping - which it defines as purchasing a security for oneself, recommending that same stock to another (typically posing as a "market specialist"), then immediately selling the stock when the market price goes up following the recommendation. Running a botnet is also a big no-no.

The Useltons' scheme, as the SEC puts it, allegedly began to "unravel" when a Commission enforcement attorney received one of the email messages at work with the subject line "Experts are jumping all over this stock..." Shortly after, the attorney's inbox was filled with them.

Without admitting or denying the SEC's allegations, the Useltons agreed to be permanently banned from selling penny stock in the future. Out of $4.2m seized by authorities, Darrell Uselton will pay more than $2.8m in disgorgement and prejudgement interest. The SEC will also collect a $1m penalty.

Darrel Uselton still faces charges for engaging in organized criminal activity. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.