Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Family That Spams Together Stays Together

Posted by CmdrTaco on from the thats-just-bizarre dept.

Anonymous Coward writes "The Globe & Mail has a story about an Ontario, Canada man who is being sued, along with his father and brother, by Yahoo under the CAN-SPAM Act. The Yahoo suit claims that Eric Head, along with his father and brother, were sending out millions of spam emails per month, as well as compiling lists of email addresses to sell to other spammers. Eric's company, Gold Disk Canada Inc., gathered lists of email addresses and sold them for $29.99 for 100,000 email addresses on up to $1,599.99 for 10 million addresses."

11 of 196 comments (clear)

  1. Dupe by Gothmolly · · Score: 4, Informative

    http://slashdot.org/article.pl?sid=04/03/12/172622 1&mode=thread&tid=111&tid=126

    Christ, its from yesterday even.

    --
    I want to delete my account but Slashdot doesn't allow it.
  2. Privacy violation? by ogmiostech · · Score: 5, Informative

    The spammers are in Ontario you say? The spammers are SELLING personally identifiable information (e-mail addresses) you say? I'm not an expert...oh wait, I am...without the consent of the address owners, this guy is in clear violation of PIPEDA (the new, federal privacy act). Patrick

  3. Re:Wrong. by Eggplant62 · · Score: 5, Informative
    Ontario is in Canada. CAN-SPAM is a US act. This is Yahoo suing a spammer, the CAN-SPAM act is completely and utterly irrelevant.


    Being that these gents did business in the US by sending their spam to Yahoo addresses, they're fully culpable under US law. Same goes for any Canadian corporation doing business with the US: Fuck up and you'll be sued under the laws of the country where you fucked up.

    In fact, IIRC, the CAN-SPAM act specifically prohibits individuals / companies from taking legal action against alleged spammers.


    Seeing as how Yahoo is an internet service provider by the definition of the CANSPAM act, they're well within their rights to bring suit against the Heads.

    It's just too bad that there's not another brother named Richard to lend a comedic air to it all.
  4. 600 octillian, eh? by CausticPuppy · · Score: 4, Informative

    Wow, that's a lot.

    That's equivalent to every single person on the planet receiving over 3 trillion spams per second.

    --
    -CausticPuppy "Of all the people I know, you're certainly one of them." -Somebody I don't know
  5. Re:Is this really going to make a difference? by schon · · Score: 3, Informative

    a lot of it comes off American shores..

    Define "a lot".

    Most spam comes from INSIDE the US, not outside.

  6. Re:Wrong. Wrong. by MacAndrew · · Score: 4, Informative

    CAN-SPAM applies, and of course US law has extraterritorial effect.

    As for our end of things, laws extend as far as the counstitution (due process) allows. On the foreign end, they may be *practical* problems such as getting physical custody (extradition), seizing assets, collecting evidence, but the US and Canada are on very good terms and have one of the most significant economic relationships in the world -- we can work it out. Also, if the defendants have violated the act and we can't reach them, they may still have reason to regret it -- and US assets might be forfeited and they might not want to visit. They can also be subject to suit in absentia -- if they refuse to show up on proper notice and jurdiction, they may lose their defenses.

    Jurisdiction derives from the domestic effects, you can't just hide on the other side of the border. The classic example is that if you shoot someone across the border, you are subject to the jurisdiction; yes this applies to fraud and other intangible offenses like the Nigerian scams. Again, the problems are practical. About CAN-SPAM. The practical problems in enforcing it are HUGE, but clearly the theoretical jurisdiction exists. Also -- it seems a bit implausible to suppose that Yahoo's lawyers missed so many first-year law classes that they didn't catch any of this.

    As for who may sue -- the law in enforceable by the FTC, civil action by the states, and not individuals but ISP's (here, Yahoo):

    (f) ACTION BY PROVIDER OF INTERNET ACCESS SERVICE.--

    (1) ACTION AUTHORIZED.--A provider of Internet access service adversely affected by a violation of section 5 may bring a civil action in any district court of the United States with jurisdiction over the defendant, or in any other court of competent jurisdiction, to--

    (A) enjoin further violation by the defendant; or

    (B) recover damages in an amount equal to the greater of--

    (i) actual monetary loss incurred by the provider of Internet access service as a result of such violation; or

    (ii) the amount determined under paragraph (2).

    (2) STATUTORY DAMAGES.--

    (A) IN GENERAL.--For purposes of paragraph (1)(B)(ii), the amount determined under this paragraph is the amount calculated by multiplying the number of willful, knowing, or negligent violations by an amount, in the discretion of the court, of up to $10 (with each separately addressed unlawful message carried over the facilities of the provider of Internet access service or sent to an electronic mail address obtained from the provider of Internet access service in violation of section 5(b) treated as a separate violation). In determining the per-violation penalty under this subparagraph, the court shall take into account the degree of culpability, any history of prior such conduct, ability to pay, the extent of economic gain resulting from the violation, and such other matters as justice may require.

    (B) LIMITATION.--For any violation of section 5 (other than section 5(a)(1)), the amount determined under subparagraph (A) may not exceed $500,000, except that if the court finds that the defendant committed the violation willfully and knowingly, the court may increase the limitation established by this paragraph from $500,000 to an amount not to exceed $1,500,000.

    (3) ATTORNEY FEES.--In any action brought pursuant to paragraph (1), the court may, in its discretion, require an undertaking for the payment of the costs of such action, and assess reasonable costs, including reasonable attorneys' fees, against any party.

  7. Re:Was it really worth it... by Anonymous Coward · · Score: 1, Informative

    The Canadian dollar has been up the US dollar in much of his history. And since the Iraq war, WE are climbing and YOU are dropping. Just FYI ;-)

  8. Re:Diluting spammer's harvested addresses (DDoP) by Liselle · · Score: 3, Informative

    You mean something like this?

    Or maybe something like this?

    Loads and loads of bogus email addresses for the spam bots to eat. Eat that, Ralsky! :P

    --
    Auto-reply to ACs: "Truly, you have a dizzying intellect."
  9. WTF (reality check needed) by Imperator · · Score: 5, Informative

    So you're telling me there are 6*10^29 spam messages sent out every year? The average year has 365.2425 days IIRC, which assuming no leap seconds means 31556952 seconds in a year. That works out to approximately 1.9*10^22 spam messages per second. The IPv4 address space has (far) fewer than 4294967296 available addresses. That means that each second, the average Internet-connected computer is sending out more than 4426865629872 spam messages. That's 4.4 trillion spam messages per second from every node on the network, including the billions that don't even exist.

    Which leaves me three questions:

    1. Where the fuck did you get that number?
    2. What innumerate moderator thought your post was informative?
    3. Are you karma whoring? (Seriously, I'm curious.)
    --

    Gates' Law: Every 18 months, the speed of software halves.
  10. They get that much for my addresses? by Anonymous Coward · · Score: 2, Informative

    I've been feeding spambots bad addresses for months and months now. They keep coming back for more and more. I've probably fed them millions of addresses. I'm hoping that those CDs contain mostly the garbage addresses I (and hopefully thousands of others) am/are feeding them. I do this via websites, at URLs that bots should leave alone (via the robots.txt file), via links that people can't see. I figure disobedient robots should be rewarded with infinite garbage. I'm using a souped-up version of Infinospam.pl, which belches forth megabytes of fictitious email addresses, Shovel.pl, which generates tons of garbage mixed with half complete mailto: urls, and SpamThis.pl, which takes the originating IP address of the request, and looks it up in the whois databases, and feeds back a series of disguised emails that are their own. I also see that there is another called wpoison available, that looks pretty good, and uses a pretty large dictionary. Like infinospam, it will generate a mix of mailto:, regular text, and links pointing to itself (in disguise), and is a cgi perl script. If enough people do this, the CD's that are for sale to spammers will be largely worthless.

  11. Info from the suit filing by Anonymous Coward · · Score: 1, Informative

    There are loads of details at: http://antispam.yahoo.com/spamandthelaw
    (look for Case Number 04 00965)

    According to the copy of the suit filing by Yahoo (a PDF file at http://docs.yahoo.com/docs/pr/pdf/complaint.pdf), the defendants are: Eric Head, Matthew Head and Barry Head, and "On information and belief, Defendants conduct their illegal operations from the physical address 27 Oliver Court and 31 Oliver Court, Kitchener, Ontario, Canada". The suit also claims these are the addresses listed in the business registration for the following companies: "golddisk.net, NetSales Industries, Gold Disk Canada, Inc., Infinite Technologies Worldwide, Inc and Head Programming, Inc." Yes, golddisk.net appears to have a web site, though it doesn't say much (basically a "coming soon").