Liars and tweets
15 December 2015
Social media platforms are being used to disseminate stolen research and malicious information, all in a bid to manipulate company share prices
Image: Shutterstock
The threat of identity theft in the digital world is a growing and real concern. Victims of these crimes can suffer significant financial loss as well as reputational damage that can be difficult to reclaim, even if the perpetrator is discovered—which is far from guaranteed.
A survey on cyber crime conducted by Get Safe Online in October 2014 showed that of the 51 percent of respondents had been the victim of cyber crime, such as fraud or theft, but only 14 percent ever discovered the identity of the person or people responsible.
As the risk of becoming a victim of cyber crime grows so does the cost of investment in protecting your business from the increasingly innovative methods used for fraud and theft.
For financial institutions, this includes closely monitoring social media platforms that are being used to share stolen research and malicious information, all in a bid to manipulate company share prices.
The explosion of social media use in recent years for both personal and professional purposes means it has become an invaluable resource for many but, at the same time, it has given criminals yet another avenue to exploit.
It is not unusual for a major companies to have dedicated LinkedIn, Twitter, Facebook and even Instagram accounts for posting content online and interacting with customers on a daily basis.
However, these platforms are built on attracting users through ease-of-access and the ability to quickly and efficiently set up an account with minimal checks or identity validation required.
The anonymity this offers is being exploited by cyber criminals who are using the lack of checks on user identity or posted content to increase their ill-gotten gains.
In November, James Craig, a 62-year-old trader living in a small town in Scotland was accused by the US Securities and Exchange Commission (SEC) of using Twitter to commit multiple cases of securities fraud.
According to the SEC, Craig created two false accounts in 2013 that mimicked the existing accounts of reputable securities research firms, Muddy Waters and Citron Research, and then published multiple tweets of malicious and entirely false information relating to two US-based companies, including a claim that one was under regulatory investigation, in an attempt to profit from the resulting market reaction through short selling.
The SEC alleged that Craig’s tweets caused sharp drops in stock prices and trading in Audience, a technology provider, and Sarepta Therapeutics, a biopharmaceutical company.
Audience’s share price plunged 28 percent after the first tweet and trading on Nasdaq was eventually halted. The next day, Craig’s tweets about Sarepta Therapeutics, using a phony Citron Research account, caused a 16 percent drop in its share price.
Both companies’ stock prices recovered once the fraud was revealed, but other shareholders caught up in the scam are estimated to have lost between $1 million and $1.8 million, according to official sources.
How do you kill a hydra?
“It [brand identity theft] is a significant problem because people trust brands and if you’re a thief you’re much more likely to be successful if you cloak yourself in a brand that’s well known and trusted,” says Larry McFarland, a trademark attorney and partner at Kilpatrick Townsend & Stockton in California.
The problem, as McFarland describes it, is two-fold. “It can either be fake reports where content is sent out using someone’s reputable name without their permission or, even more common, is the improper distribution of legitimate and confidential reports to everyone in the world.”
“My firm represents several large banks that have to deal with the problem of having their newsletters stolen and replicated under someone else’s name. This comes across my desk at least once every week, where confidential research has been posted all over the internet.”
The SEC’s claims of market manipulation through social media are just the latest examples of rogue traders capitalising on the platform to potentially access millions of investors.
In June 2010, the SEC brought charges against Carol McKeown and Daniel Ryan, a Canadian couple who used Twitter and Facebook, along with their own website, PennyStockChaser, to spread information that inflated the stock price of microcap companies in which they were significant share holders. They then profited from selling their shares.
A district court ordered the couple and their companies to pay more than $3.7 million in disgorgement for profits gained as a result of the alleged conduct, and ordered the couple to pay $300,000 in civil penalties.
Lifting the veil
Between January and the end of June this year, Twitter received 12,911 trademark notices, affecting 938 Twitter and Vine accounts.
Although not all of these will relate to direct attempts at fraud or identity theft of financial institutions, as Twitter does not provide such granularity in its statistics, it does highlight the scale of the problem facing social media platforms today.
To deal with the problem, a spokesperson for Twitter highlighted information on the Twitter help centre, which states: “When there is a clear intent to mislead others through the unauthorised use of a trademark, Twitter will suspend the account and notify the account holder.”
“When we determine that an account appears to be confusing users, but is not purposefully passing itself off as the trademarked good or service, we give the account holder an opportunity to clear up any potential confusion.”
“Companies like Facebook and Twitter have very robust takedown policies and they respond very quickly to requests so they [social media platforms] aren’t really the problem,” explains McFarland.
The Twitter spokesperson also stated that the platform’s policy on legal proceedings allows it to retain user information and tweets even after a user has deactivated the account, and it will release this information to law enforcement personnel if certain requirements are met.
McFarland says: “If you’re the lawyer for a major bank and something gets on Facebook, it can be taken down extremely quickly. It’s the obscure or smaller sites which are less organised to respond that make it harder.”
“The big social media companies comply with laws such as the Digital Millennium Copyright Act, which mean they take down reported content in order to get legal immunity for potentially hosting fraudulent or stolen content on their sites.”
Of course, an ounce of prevention is always worth a pound of cure, although that is an unrealistic prospect where social media is concerned. “Once it’s out there on the internet it’s out there for good,” says McFarland, “but what you can do is get it taken down from sites where consumers go to the most often.”
“A regular internet user isn’t likely to scour obscure sites looking for your content so if it’s down from the obvious places you’ve done a lot. But you can never have full protection.”
The SEC’s statement on its case against Craig showed that he was clearly aware of the odds of his being caught as, after his initial attempts at market manipulation, he allegedly created another Twitter account under new aliases to taunt law enforcement by claiming it would be too difficult to find the preparatory of the stock price crashes because no real names were used when creating the original accounts.
Once the SEC eventually came to point the finger at Craig, Jina Choi, director of the SEC’s San Francisco regional office, couldn’t resist a retort to Craig’s challenge
He said: “As alleged in our complaint, Craig’s fraudulent tweets disrupted the markets for two public companies and caused significant financial losses for their investors.”
“Craig also said in later tweets that the SEC would have a hard time catching the perpetrators. As today’s enforcement action demonstrates, those tweets turned out to be false as well.”
What’s to be done?
Once fraud has been identified and takedown notices have been issued to the relevant platforms, there are still some options left to financial institutions that have had their valuable research leaked or brands hijacked.
“Often times we try to go [to court] but it depends a lot on the circumstances such as quantity of the information leaked or whether the person is a repeat offender,” says McFarland.
“The vast majority of cases filed end in a settlement. If you file a lawsuit your main aim is to get an injunction or a court order to get the person to cease their fraudulent action. That way if they repeat it they will be in contempt of court, which is a very powerful thing.”
“The second aim is to get damages but often these people don’t have a lot of money so you’re not always going to be able to get everything you’ve lost.”
Here lies the root of the problem with this brand of crime. Lost profits and damaged reputations are often impossible to reclaim or repair.
Craig reportedly earned less than $100 from selling the stocks of his targets short, which would be little compensation to other shareholders that lost significantly more from the affair.
At the same time, the two securities research firms, whose identities were hijacked to spread the false information, will have suffered reputational damage that is difficult to quantify and even harder to redeem in the short term.
For social media platforms, incidents like those involving Craig or McKeown and Ryan are also damaging as they undermine the credibility of news sources using the platform and may drive users away all together.
The problem for the likes of Twitter and Facebook is that they are, in a way, victims of their own success. The sheer scale of information that is uploaded to these sites on a daily basis makes vetting it before it is published an impossible task. “A gatekeeper function for social media sites would be crazy,” comments McFarland.
Indeed, the rise of platforms such as Twitter and Facebook has been directly attributed to US law providing safe harbours from litigation. The Digital Millennium Copyright Act, for example, removes liability for copyright infringement committed by users if a platform responds promptly to takedown requests.
Following its allegation against Craig, the SEC published an investor alert outlining the most common risks of using social media as investment information tool.
“One way fraudsters may exploit social media is to engage in a market manipulation, such as spreading false and misleading information about a company to affect the stock’s share price. Wrongdoers may perpetuate stock rumours on social media, as well as on online bulletin boards and in Internet chatrooms,” stated the notice.
“The false or misleading rumours may be positive or negative. For example, in a pump-and-dump scheme, promoters ‘pump’ up the stock price by spreading positive rumours that incite a buying frenzy and they quickly ‘dump’ their own shares before the hype ends.”
“Typically, after the promoters profit from their sales, the stock price drops and the remaining investors lose money. In other instances, fraudsters start negative rumours urging investors to sell their shares so that the stock price plummets and the fraudsters take advantage of buying shares at the artificially low price.”
The SEC advises anyone who receives investment information through social media to verify the identity of the underlying source. They should look out for slight variations or typos in the sender’s account name, profile, email address, screen name or handle, or other signs that the sender may be an imposter. “Determine whether information appearing to be from a particular company or securities research firm is authentic.”
“When contacting a company or attempting to access its website, be sure to use contact information or the website address provided by the company itself, such as in the company’s SEC filings. Carefully type the website’s address into the address bar of your web browser.”
The SEC also outlined common red flags for investors to look out for when using social media for market information. These include: looking out for a limited history of posts that may indicate the account was relatively new; receiving an urgent message stressing the need to buy or sell specific stocks, especially from unsolicited sources; and unmasking unlicensed sellers or firms using the SEC’s Investment Adviser Public Disclosure website or the Financial Industry Regulatory Authority’s BrokerCheck service.
A survey on cyber crime conducted by Get Safe Online in October 2014 showed that of the 51 percent of respondents had been the victim of cyber crime, such as fraud or theft, but only 14 percent ever discovered the identity of the person or people responsible.
As the risk of becoming a victim of cyber crime grows so does the cost of investment in protecting your business from the increasingly innovative methods used for fraud and theft.
For financial institutions, this includes closely monitoring social media platforms that are being used to share stolen research and malicious information, all in a bid to manipulate company share prices.
The explosion of social media use in recent years for both personal and professional purposes means it has become an invaluable resource for many but, at the same time, it has given criminals yet another avenue to exploit.
It is not unusual for a major companies to have dedicated LinkedIn, Twitter, Facebook and even Instagram accounts for posting content online and interacting with customers on a daily basis.
However, these platforms are built on attracting users through ease-of-access and the ability to quickly and efficiently set up an account with minimal checks or identity validation required.
The anonymity this offers is being exploited by cyber criminals who are using the lack of checks on user identity or posted content to increase their ill-gotten gains.
In November, James Craig, a 62-year-old trader living in a small town in Scotland was accused by the US Securities and Exchange Commission (SEC) of using Twitter to commit multiple cases of securities fraud.
According to the SEC, Craig created two false accounts in 2013 that mimicked the existing accounts of reputable securities research firms, Muddy Waters and Citron Research, and then published multiple tweets of malicious and entirely false information relating to two US-based companies, including a claim that one was under regulatory investigation, in an attempt to profit from the resulting market reaction through short selling.
The SEC alleged that Craig’s tweets caused sharp drops in stock prices and trading in Audience, a technology provider, and Sarepta Therapeutics, a biopharmaceutical company.
Audience’s share price plunged 28 percent after the first tweet and trading on Nasdaq was eventually halted. The next day, Craig’s tweets about Sarepta Therapeutics, using a phony Citron Research account, caused a 16 percent drop in its share price.
Both companies’ stock prices recovered once the fraud was revealed, but other shareholders caught up in the scam are estimated to have lost between $1 million and $1.8 million, according to official sources.
How do you kill a hydra?
“It [brand identity theft] is a significant problem because people trust brands and if you’re a thief you’re much more likely to be successful if you cloak yourself in a brand that’s well known and trusted,” says Larry McFarland, a trademark attorney and partner at Kilpatrick Townsend & Stockton in California.
The problem, as McFarland describes it, is two-fold. “It can either be fake reports where content is sent out using someone’s reputable name without their permission or, even more common, is the improper distribution of legitimate and confidential reports to everyone in the world.”
“My firm represents several large banks that have to deal with the problem of having their newsletters stolen and replicated under someone else’s name. This comes across my desk at least once every week, where confidential research has been posted all over the internet.”
The SEC’s claims of market manipulation through social media are just the latest examples of rogue traders capitalising on the platform to potentially access millions of investors.
In June 2010, the SEC brought charges against Carol McKeown and Daniel Ryan, a Canadian couple who used Twitter and Facebook, along with their own website, PennyStockChaser, to spread information that inflated the stock price of microcap companies in which they were significant share holders. They then profited from selling their shares.
A district court ordered the couple and their companies to pay more than $3.7 million in disgorgement for profits gained as a result of the alleged conduct, and ordered the couple to pay $300,000 in civil penalties.
Lifting the veil
Between January and the end of June this year, Twitter received 12,911 trademark notices, affecting 938 Twitter and Vine accounts.
Although not all of these will relate to direct attempts at fraud or identity theft of financial institutions, as Twitter does not provide such granularity in its statistics, it does highlight the scale of the problem facing social media platforms today.
To deal with the problem, a spokesperson for Twitter highlighted information on the Twitter help centre, which states: “When there is a clear intent to mislead others through the unauthorised use of a trademark, Twitter will suspend the account and notify the account holder.”
“When we determine that an account appears to be confusing users, but is not purposefully passing itself off as the trademarked good or service, we give the account holder an opportunity to clear up any potential confusion.”
“Companies like Facebook and Twitter have very robust takedown policies and they respond very quickly to requests so they [social media platforms] aren’t really the problem,” explains McFarland.
The Twitter spokesperson also stated that the platform’s policy on legal proceedings allows it to retain user information and tweets even after a user has deactivated the account, and it will release this information to law enforcement personnel if certain requirements are met.
McFarland says: “If you’re the lawyer for a major bank and something gets on Facebook, it can be taken down extremely quickly. It’s the obscure or smaller sites which are less organised to respond that make it harder.”
“The big social media companies comply with laws such as the Digital Millennium Copyright Act, which mean they take down reported content in order to get legal immunity for potentially hosting fraudulent or stolen content on their sites.”
Of course, an ounce of prevention is always worth a pound of cure, although that is an unrealistic prospect where social media is concerned. “Once it’s out there on the internet it’s out there for good,” says McFarland, “but what you can do is get it taken down from sites where consumers go to the most often.”
“A regular internet user isn’t likely to scour obscure sites looking for your content so if it’s down from the obvious places you’ve done a lot. But you can never have full protection.”
The SEC’s statement on its case against Craig showed that he was clearly aware of the odds of his being caught as, after his initial attempts at market manipulation, he allegedly created another Twitter account under new aliases to taunt law enforcement by claiming it would be too difficult to find the preparatory of the stock price crashes because no real names were used when creating the original accounts.
Once the SEC eventually came to point the finger at Craig, Jina Choi, director of the SEC’s San Francisco regional office, couldn’t resist a retort to Craig’s challenge
He said: “As alleged in our complaint, Craig’s fraudulent tweets disrupted the markets for two public companies and caused significant financial losses for their investors.”
“Craig also said in later tweets that the SEC would have a hard time catching the perpetrators. As today’s enforcement action demonstrates, those tweets turned out to be false as well.”
What’s to be done?
Once fraud has been identified and takedown notices have been issued to the relevant platforms, there are still some options left to financial institutions that have had their valuable research leaked or brands hijacked.
“Often times we try to go [to court] but it depends a lot on the circumstances such as quantity of the information leaked or whether the person is a repeat offender,” says McFarland.
“The vast majority of cases filed end in a settlement. If you file a lawsuit your main aim is to get an injunction or a court order to get the person to cease their fraudulent action. That way if they repeat it they will be in contempt of court, which is a very powerful thing.”
“The second aim is to get damages but often these people don’t have a lot of money so you’re not always going to be able to get everything you’ve lost.”
Here lies the root of the problem with this brand of crime. Lost profits and damaged reputations are often impossible to reclaim or repair.
Craig reportedly earned less than $100 from selling the stocks of his targets short, which would be little compensation to other shareholders that lost significantly more from the affair.
At the same time, the two securities research firms, whose identities were hijacked to spread the false information, will have suffered reputational damage that is difficult to quantify and even harder to redeem in the short term.
For social media platforms, incidents like those involving Craig or McKeown and Ryan are also damaging as they undermine the credibility of news sources using the platform and may drive users away all together.
The problem for the likes of Twitter and Facebook is that they are, in a way, victims of their own success. The sheer scale of information that is uploaded to these sites on a daily basis makes vetting it before it is published an impossible task. “A gatekeeper function for social media sites would be crazy,” comments McFarland.
Indeed, the rise of platforms such as Twitter and Facebook has been directly attributed to US law providing safe harbours from litigation. The Digital Millennium Copyright Act, for example, removes liability for copyright infringement committed by users if a platform responds promptly to takedown requests.
Following its allegation against Craig, the SEC published an investor alert outlining the most common risks of using social media as investment information tool.
“One way fraudsters may exploit social media is to engage in a market manipulation, such as spreading false and misleading information about a company to affect the stock’s share price. Wrongdoers may perpetuate stock rumours on social media, as well as on online bulletin boards and in Internet chatrooms,” stated the notice.
“The false or misleading rumours may be positive or negative. For example, in a pump-and-dump scheme, promoters ‘pump’ up the stock price by spreading positive rumours that incite a buying frenzy and they quickly ‘dump’ their own shares before the hype ends.”
“Typically, after the promoters profit from their sales, the stock price drops and the remaining investors lose money. In other instances, fraudsters start negative rumours urging investors to sell their shares so that the stock price plummets and the fraudsters take advantage of buying shares at the artificially low price.”
The SEC advises anyone who receives investment information through social media to verify the identity of the underlying source. They should look out for slight variations or typos in the sender’s account name, profile, email address, screen name or handle, or other signs that the sender may be an imposter. “Determine whether information appearing to be from a particular company or securities research firm is authentic.”
“When contacting a company or attempting to access its website, be sure to use contact information or the website address provided by the company itself, such as in the company’s SEC filings. Carefully type the website’s address into the address bar of your web browser.”
The SEC also outlined common red flags for investors to look out for when using social media for market information. These include: looking out for a limited history of posts that may indicate the account was relatively new; receiving an urgent message stressing the need to buy or sell specific stocks, especially from unsolicited sources; and unmasking unlicensed sellers or firms using the SEC’s Investment Adviser Public Disclosure website or the Financial Industry Regulatory Authority’s BrokerCheck service.
NO FEE, NO RISK
100% ON RETURNS If you invest in only one securities finance news source this year, make sure it is your free subscription to Securities Finance Times
100% ON RETURNS If you invest in only one securities finance news source this year, make sure it is your free subscription to Securities Finance Times