Earthlink Wins Another Spam Award: $16 million

linuxwrangler writes "U.S. District Judge Thomas W. Thrash Jr. awarded Earthlink $16 million and an injunction against Howard Carmack for Carmack's use of Earthlink to deliver spam. Given that Earthlink is still awaiting payment of the $25 million it won against Kahn C. Smith last year, it views the injunction as the bigger of the two wins." A few more of these, and maybe the tide of spam will eb. Maybe. Nah.

Payment in Goods?

Seeing as how these spammers probably DON'T have millions of dollars in the bank, and even Microsoft was able to negotiate for penalties being only in software, is Earthlink likely to get a truck load of $16M of penile enhancement cream and Nigerian banknotes in compensation?

Re:Awards vs. Injunction

[gary+bernhardt]

Generalizations like this do *not* further the anti-spam cause. Spam is most definitely an area where very large financial gain is possible. This obviously precludes spammers being "low-rent" sleezebags.

This reminds me of the thousands of posts over the years on Slashdot asking "Why does anyone spam? Noone buys that stuff." Then about a year ago a story gets posted showing someone who made *millions* spamming, and everyone stopped discussing it as if it had never happened.

Randomly assigning adjectives to someone you view as an opponent will not help your position. All it will do is make you look like someone who blindly slings insults, without giving any thought to the situation.

Death of a spammer

[Animats]

As I've mentioned previously, we had a problem with a spammer forging our Downside(tm) return address, resulting in over 16,000 mail bounces. It's been a headache, but all 24 of his "extreme rape" web sites, plus his billing sites, are now off the net.

Originally, he was buying hosting from several US ISPs, including Rackspace. We asked the ISPs to identify the site owner, as required by law (because he accepts credit cards) and when they found they didn't have good info on him, they killed his accounts. He was using about five ISPs at a time, and had his own DNS server so that he could quickly switch from one ISP to another as he was kicked off. The spam itself went out via open Telnet proxies. Whois info is plausible, but fake.

This seemed like a big-time operator, but over time, a different picture emerged. It became clear that this guy's business isn't porno. It's collecting credit card numbers. The porno sites were very shallow. ISP operators told us they were typically $5/month hosting sites with maybe 1MB of content. Some of the web sites were purchased with bad credit card numbers.

This guy kept coming back, typically buying bottom-level hosting through resellers. He tried a hosting service in Mayalasia and got kicked off. He tried one in Brazil and got kicked off. He tried a "bulk friendly" ISP in the US and got kicked off. Finally, he ended up with everything on a server in St. Petersburg, Russia. It took a few days, but he's been kicked off there, too.

We have some hints of who he is. We've spoken to some people he's dealt with. When we get a solid ID, we'll go after him for trademark infringement.

It's possible to win these things. It's time consuming, but persist. Trace where the money goes, not where the spam comes from. Follow up daily. Half an hour a day keeps the spammers away.

Why isn't he in jail?

[runchbox]

The WSJ article said he'd used 350 stolen identities and credit cards to set up accounts. We've got the laws we need to put people in jail for credit card fraud -- so why is he at home avoiding phone calls?

Re:This is way too hard

[minas-beede]

And it involves a lot of grunt work per spammer.

Who are the spammers in the Tulsa, OK area? I've got some pretty good evidence against someone there. Wasn't much work at all. I received a relay test message from him, I delivered it, now spam is arriving that (so sorry, Mr. Spammer) isn't getting delivered. Over 5000 recipients so far. The spam comes to my fake open realy through open proxy systems.

He's sending the relay tests from:

adsl-65-70-89-125.dsl.tulsok.swbell.net

He spams:

Subject: FWD: ASSET - BACKGROUND - MISSING PERSON SEARCHES..
Subject: FWD: BACKGROUND & ASSET SEARCHES - SAME DAY!
Subject: Fwd: background & asset reports - same day..
Subject: WE FIND MISSING PERSONS FOR YOU...OR NO CHARGE..
Subject: Re: WE FIND MISSING PERSONS FOR YOU...OR NO CHARGE!
Subject: Re: BACKGROUND & ASSET REPORTS - SAME DAY"
Subject: Re: background checks - same day service!
Subject: ASSET SEARCHES - SAME DAY SERVICE.
Subject: Re: BACKGROUND & ASSET SEARCHES - NATIONWIDE SEARCHES'

with this phone number for the marks to call: 1-877-269-3892

His relay test message went to timsmith777@connectfree.co.UK

He's been sending tests from that same IP for quite some time so I think it's the spammers IP, not an open proxy.

Re:I wish I could get in on this

[Black+Copter+Control]

If they get more money back than was spent on the process, I will be surprised.
If they don't, then they shouldn't have sued in the first place.

Monetary awards are not the only reason for suing somebody (although going into court without a monetary interest can confuse the best of judges..). Here in BC there are many cases of companies going to court go get injunctions against protestors, etc. Although the injunctions are nominally interlocutory (until the case properly goes to court), they often stop prosecuting the case after the injunction is granted (i.e. the injunction is the only reason why they filed the injunction. I was actually surprised to find that they actually proceeded with one of these cases and got a ($6000) award.

Although they seem to have little hope of collecting on the $16M award, the fact that they can have these people arrested for violating the injunction can probably save them thousands of dollars in human an hardware costs.

Re:SPAM? What's that?

[CodeBuster]

The problem with this argument is that even if we all ran Bayesian Filters and blocked 99.9% of all spam messages from hitting our inboxes there would still be billions of messages going back an forth between mail servers before they are caught by the filters. This is a major drag on Internet bandwidth even if all of us never actually saw another spam in our inboxes ever again. These people who abuse their network privileges and degrade the network for the rest of us should be caught and punished for their behavior. Another thing that would really help is for slashdot people to advocate proper mail server configuration, including disallowing open relays, and education of all of the part-time mail sysadmins out there who perpetuate the problem with their own ineptness. There are groups already trying to do these things and it is helping, but it will take much more work on the part of mail admins and users to shut the spammers down for good.

Treat Spammers like hackers!!!

[pkinetics]

1. Spam is theft of services and or equipment.
2. Spam is often misrepresented, ergo fraud.
3. Spam is often sexual harrassment.

Why not go after these people for real crimes and send them to the slammer, confiscate their equipment, and all that other stuff the FBI loves to do? Also gotta figure if these guys are making any money, their probably violating some IRS law, so send more feds after them.

Bah... until judges and politicans actually grow up around this stuff, or have to answer their own emails, they'll never pursue it.

I bet when Bill Gates kids start getting spam, we'll see some radical solutions.

OK, I have a friend who is a sleazebag^W spammer

[Simon+Brooke]

I went round to see a friend last night. She is a mostly sensible, mostly reasonable, fairly tech literate person. Her values are on the whole mostly in the right place. She runs a small bunsiness and until recently her business has been mostly servicing a government contract. That contract ended and was not renewed. She has laid off most of her staff, but she has no income and still two employees to pay, and she's desperate to find new work.

A couple of months ago she came and talked to me about how to set up a bulk email thing and I thought I'd succeeded in persuading her that it was a seriously bad idea and she shouldn't do it. Apparently I hadn't; last night she told me she'd started sending bulk UCE.

This isn't someone whom I'd describe as sleazy, and it isn't someone who's stupid. It's someone who is desperate. I think you will find a lot of spammers are.

The problem can be tackled, it seems to me, at two levels. Yes, if there's legislation (particularly if it has real teeth) then peopel will get a good clue that this is not a good thing to do. But it also needs there to be a professional ethic among systems and network administrators that we will not allow the infrastructure we control to be used for this sort of thing, and that we will kick offenders off and cancel accounts; and that if our management say different we will refuse to work for them - a sort of hypocratic oath for geeks.