New Jersey Broker Charged in "Cherry-Picking" Scheme (DOJ Release)https://www.justice.gov/usao-ma/pr/new-jersey-broker-charged-cherry-picking-schemeSEC Uses Data Analysis to Detect Cherry-Picking By Broker (SEC Release 2018-189)https://www.sec.gov/news/press-release/2018-189Former stockbroker Michael Bressman was Indicted in the United States District Court for the District of Massachusetts for securities fraud and investment advisor fraud. Allegedly, Bressman placed trades in an omnibus/allocation account from which he cherry-picked some $700,000 in profitable trades and transferred the proceeds into his own and family members accounts. The unprofitable trades were allocated to other customers. Separately, the SEC filed a Complaint in the same District Court charging Bressman with antifraud violations and seeking the return of allegedly ill-gotten gains, plus interest, penalties and a permanent injunction. The SEC asserts that it had uncovered the alleged fraud with data analysis used to detect suspicious trading patterns.READ the FULL TEXT SEC Complaint https://www.sec.gov/litigation/complaints/2018/comp-pr2018-189.pdf
The term "net" trading generally refers to contemporaneous principal transactions where the initial and offsetting transactions are at different prices. For example, a firm trades on a "net" basis when it accumulates a position at one price and executes the offsetting trade with its customer or broker-dealer client at another price. These trades may otherwise be considered riskless principal transactions, except the initial and offsetting transactions are effected at different prices. As such, they do not constitute riskless principal transactions within the specific definition of that term under FINRA equity trade reporting rules.FINRA rules do not prohibit net trading or mandate the prices at which firms must execute the initial and offsetting transactions. However, if a firm chooses to trade on a net basis, it must comply with all applicable rules, including, but not limited to, the FINRA trade reporting rules, FINRA Rules 2124 (Net Transactions with Customers), 2121 (Fair Prices and Commissions), 5310 (Best Execution and Interpositioning) and 5320 (Prohibition Against Trading Ahead of Customer Orders), and SEC Rule 611 under Regulation NMS (Order Protection Rule). , ,
[S]ahurovs operated a "bullet-proof" web hosting service in Latvia, through which he leased server space to customers seeking to carry out criminal schemes without being identified or taken offline. The defendant admitted that he knew his customers were using his servers to perpetrate criminal schemes, including the transmission of malware, fake anti-virus software, spam, and botnets to unwitting victims, and he received notices from Internet governance entities (such as Spamhaus) that his servers were hosting malicious activity. Nonetheless, Sahurovs admitted he took steps to protect the criminal schemes from being discovered or disrupted, and hosted them on his servers for financial gain.Sahurovs admitted that from in or about February 2010 to in or about September 2010, he registered domain names, provided bullet-proof hosting services, and gave technical support to a "scareware" scheme targeting visitors to the Minneapolis Star Tribune's website. On Feb. 19, 2010, the Minneapolis Star Tribune began hosting an online advertisement, purporting to be for Best Western hotels, on its website, startribune.com. Two days later, however, the advertisement began causing the computers of visitors to the website to be infected with malware. This malware, also known as "scareware," caused visitors to experience slow system performance, unwanted pop-ups and total system failure. Website visitors also received a fake "Windows Security Alert" pop-up informing them that their computer had been infected with a virus and another pop-up that falsely represented that they needed to purchase the "Antivirus Soft" computer program to fix their security issues, at a price of $49.95.Website visitors who clicked the "Antivirus Soft" window were presented with an online order form to purchase a purported security program called "Antivirus Soft." Users who purchased "Antivirus Soft" would receive a file download that "unfroze" their computers and stopped the pop-ups and security notifications. However, the defendant admitted, the file was not a real anti-virus product and did not perform legitimate computer security functions, and merely caused malware that members of the conspiracy had previously installed to cease operating. Meanwhile, the defendant admitted, victim users who did not choose to purchase "Antivirus Soft" became immediately inundated with so many pop-ups containing fraudulent "security alerts" that all information, data, and files on their computers were rendered inaccessible. Members of the conspiracy defrauded victims out of substantial amounts of money as a result of the scheme. The defendant admitted that as a result of his participation, he made between $150,000 and $250,000 U.S. dollars.
[S]ince the late 1990s until his arrest in April 2017, Levashov controlled and operated multiple botnets, including the Storm, Waledac and Kelihos botnets, to harvest personal information and means of identification (including email addresses, usernames and logins, and passwords) from infected computers. To further the scheme, Levashov disseminated spam and distributed other malware, such as banking Trojans and ransomware, and advertised the Kelihos botnet spam and malware services to others for purchase in order to enrich himself. Over the course of his criminal career, Levashov participated in and moderated various online criminal forums on which stolen identities and credit cards, malware and other criminal tools of cybercrime were traded and sold.