SEC Continues to Target Account Intrusions

The SEC filed a third action in recent months involving the fraudulent practice of online account intrusion.  On March 6, the SEC obtained an order freezing $3 million in a Latvian-based bank’s U.S. trading account allegedly being used to conduct a hi-tech market manipulation scheme.  SEC v. One or More Unknown Traders in the Common Stock of Certain Issuers, Defendants, and JSC Parex Bank, Relief Defendant, (D.D.C. Mar. 6, 2007)  The complaint alleges a complex “pump and dump” scheme using electronic online brokerage accounts intrusions where between December 2005 through December 2006, one or more foreign-based unknown traders purchased, through four sub-accounts of an omnibus trading account titled in the name of Relief Defendant JSC Parex Bank and held at Pinnacle Capital Markets LLC of North Carolina, shares in 15 thinly traded U.S.-based companies.  The unknown traders then illegally and secretly accessed unsuspecting investors’ online brokerage accounts and sold off investors’ existing securities holdings and used the proceeds to buy shares of the thinly traded companies, thus increasing the share price and trading volume for the thinly traded companies.  The unknown traders then capitalized on the artificial “pump” in the stock price and then “dumped” their shares realizing at least $732,941 in ill-gotten gains, and possibly more. 

The SEC brought two similar cases in January 2007 and December 2006.  In January, the SEC filed a complaint charging Aleksey Kamardin in a similar pump and dump scheme.  SEC v. Aleksey Kamardin, (M.D. Fla. Jan. 25, 2007 )  The SEC alleged that the 21 year old profited from buying shares in thinly traded stocks in his own account and then subsequently hacking into online trading accounts of unwitting investors, liquidated existing equity positions and, using the resulting proceeds, purchased thinly traded stocks to create the appearance of trading activity and pump up the price of the stocks.  The SEC further alleges that Kamardin then sold his shares at the inflated prices.  Likewise, in December 2006, based on a similar scheme the SEC obtained a temporary restraining order which, among other things, froze the assets of Grand Logistic, S.A., a Belize corporation located in Tallinn, Estonia, and its owner, Evgeny Gashichev, a citizen of Russia, and orders the repatriation of funds taken out of the United States.  SEC v. Grand Logistic, S.A., et al., (S.D.N.Y. Dec. 19, 2006)  According to the complaint, between August 28 and October 13, 2006, Grand Logistic and Gashichev made $353,609 in unlawful profits by conducting at least 25 separate manipulations, involving the securities of at least 21 companies.  Gashichev reportedly purchased shares of thinly-traded companies, with low share prices, through an online trading account in the name of Grand Logistic at an Estonian financial services firm that has an omnibus account at a U.S. broker-dealer.  Soon after placing the trades, Gashichev allegedly secretly used electronically stolen usernames and passwords to access other online brokerage accounts to purchase large blocks of the same stock creating the stock price to artificially rise and then sold the shares he had earlier purchased in the Grand Logistic account.  

Since last fall, online intrusion has received increased attention as online broker-dealers came forward discussing millions of dollars in unauthorized trades.  As reported in the Washington Post, E-Trade Financial Corp., the nation’s fourth-largest online broker, and TD Ameritrade, the third-largest online broker, disclosed that each had suffered losses from customer account fraud.  See Ellen Nakashima, Washington Post, “Hackers Zero In on Online Stock Accounts,” (10/24/06).  The article commented that “breaking into customer accounts at large online brokerages in the United States and making unauthorized trades worth millions of dollars as part of a fast-growing new form of online fraud under investigation by federal authorities” and that “all hackers have to do is wait until anyone types in the Web address of E-Trade, Ameritrade or another online broker, and then watch the next several dozen keystrokes, which are likely to include someone’s password and login name.”  It also quoted John Reed Stark, chief of the Office of Internet Enforcement at the SEC as saying “[a]lthough these schemes cleverly combine aspects of securities fraud, identity theft and hacking, what they really boil down to is outright thievery, . . . “[i]n the last couple of months we have seen a marked increase in online brokerage account intrusions.”  

Although the SEC’s Office of Investor Education and Assistance issued an investor alert in November 2005 that provides tips for avoiding becoming a victim of an online intrusion, one can surmise that the unwilling investors will continue to be duped and, thus, the SEC and the DOJ will continue to investigate and bring cases against offenders.