It's a bear market for stock spam, report finds

There's another business hurting because of the global economic downturn, but don't expect any sympathy from consumers or a bail out from government: stock spamming, it appears, is not as lucrative as it once was.

Stock spam made up just 0.6 per cent of all email spam caught by content filters in the second half of 2008, down from 9.6 per cent in the first half of the year, according to a Microsoft security report published Tuesday.

"Stock-related spam all but disappeared from the content filters," the report found.

In the typical "pump-and-dump" stock spam, the spammer would lure people to invest in a tiny stock the spammer owned shares in, and then after the stock price rose in response to the new buyers, the spammer would sell their shares and move on to the next stock. A report from Purdue University in Indiana in 2006 found that after the spammer stops touting the stock, the value often collapses.

The report said the decline in stock spam mirrored the global economic downturn, suggesting stock spam became less profitable at a time because consumers were likely to take fewer risks with their investments.

The report said the vacuum has in part been filled by a new kind of spam called "non-stock related financial spam" that now makes up 3.8 per cent of all spam and includes subject areas such as mortgage refinancing or debt consolidation.

As with previous years, spam was dominated by product advertisements, particularly for pharmaceutical products, the report found.

The report found that 97 per cent of all email traffic is spam, although most of this email is filtered out before it reaches the consumer.

The report also found fake security software that actually exploits vulnerabilities in computers has become the latest threat online.

The Microsoft Security Intelligence Report said three of the Top 10 pieces of malicious software found on computers worldwide are what they call "rogue security software."

The fake programs are designed to prey on people's fear of viruses and computer worms. A recent example of their use came in late March in the lead-up to the April 1 update to a version of Conficker worm, when links to fake security companies offering to remove the worm appeared in search results on websites like Google.

One of the these programs was found on 4.4 million distinct computers in the second half of 2008, according to the Microsoft report, while the other two were detected on more than 1.5 million computers over the same time period.

Microsoft said about one in 120 computers worldwide — or 8.6 infected computers for every 1,000 uninfected computers — was infected with malicious software in the second half of 2008.

That rate varied country to country, with Canada's infection rate significantly lower than the worldwide average. About one in 250 computers in Canada had an infection during the same time frame, the 19th-lowest infection rate among the 215 locations studied.

In the United States, for example, there were 9.1 infected computers for every 1,000 that were uninfected.